Don't respond to malformed INFORMATIONAL_V1 messages with another INFORMATIONAL_V1...
authorTobias Brunner <tobias@strongswan.org>
Fri, 25 Nov 2011 17:00:06 +0000 (18:00 +0100)
committerTobias Brunner <tobias@strongswan.org>
Tue, 20 Mar 2012 16:31:08 +0000 (17:31 +0100)
src/libcharon/sa/task_manager_v1.c

index 5c9c926..fe2f7c7 100644 (file)
@@ -658,6 +658,12 @@ static void send_notify_response(private_task_manager_t *this,
        host_t *me, *other;
        u_int32_t mid;
 
+       if (request->get_exchange_type(request) == INFORMATIONAL_V1)
+       {       /* don't respond to INFORMATIONAL requests to avoid a notify war */
+               DBG1(DBG_IKE, "ignore malformed INFORMATIONAL request");
+               return;
+       }
+
        response = message_create(IKEV1_MAJOR_VERSION, IKEV1_MINOR_VERSION);
        response->set_exchange_type(response, INFORMATIONAL_V1);
        response->set_request(response, TRUE);