child-rekey: Ignore failed colliding CHILD_SA rekeyings
authorTobias Brunner <tobias@strongswan.org>
Thu, 2 Jun 2016 15:23:35 +0000 (17:23 +0200)
committerTobias Brunner <tobias@strongswan.org>
Fri, 17 Jun 2016 16:48:08 +0000 (18:48 +0200)
If a passive rekeying fails due to an INVALID_KE_PAYLOAD we don't want
to consider this task later when resolving collisions.  This previously
might have caused the wrong SA to get deleted/installed based on the nonces
in the unsuccessful exchange.

src/libcharon/sa/ikev2/tasks/child_rekey.c

index 5873a84..95e4a3d 100644 (file)
@@ -455,9 +455,18 @@ METHOD(child_rekey_t, collide, void,
        if (other->get_type(other) == TASK_CHILD_REKEY)
        {
                private_child_rekey_t *rekey = (private_child_rekey_t*)other;
+               child_sa_t *other_child;
+
                if (rekey->child_sa != this->child_sa)
+               {       /* not the same child => no collision */
+                       other->destroy(other);
+                       return;
+               }
+               /* ignore passive tasks that did not successfully create a CHILD_SA */
+               other_child = rekey->child_create->get_child(rekey->child_create);
+               if (!other_child ||
+                        other_child->get_state(other_child) != CHILD_INSTALLED)
                {
-                       /* not the same child => no collision */
                        other->destroy(other);
                        return;
                }
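Review bot: `rekey->child_create` is dereferenced in the added `get_child()` call without a NULL check, although the returned `other_child` is checked on the very next line. Whether a colliding rekey task can reach `collide()` without a child_create task is not visible in this hunk and should be confirmed against the task's constructor. If it can, a collision would end in a NULL dereference in the daemon instead of the task being ignored. A defensive form is `other_child = rekey->child_create ? rekey->child_create->get_child(rekey->child_create) : NULL;`, which falls through to the existing destroy-and-return branch. It would also help to log the discarded task at debug level so that a later delete/install decision can be traced; the body of `collide` starts before and continues after this hunk.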