Clean up IKE_SA state if IKE_SA_INIT request does not have message ID 0
authorMartin Willi <martin@revosec.ch>
Mon, 11 Mar 2013 10:30:47 +0000 (11:30 +0100)
committerMartin Willi <martin@revosec.ch>
Mon, 11 Mar 2013 10:30:47 +0000 (11:30 +0100)
src/libcharon/sa/ikev2/task_manager_v2.c

index 29d8d83..a53c06b 100644 (file)
@@ -1175,6 +1175,10 @@ METHOD(task_manager_t, process_message, status_t,
                {
                        DBG1(DBG_IKE, "received message ID %d, expected %d. Ignored",
                                 mid, this->responding.mid);
+                       if (msg->get_exchange_type(msg) == IKE_SA_INIT)
+                       {       /* clean up IKE_SA state if IKE_SA_INIT has invalid msg ID */
+                               return DESTROY_ME;
+                       }
                }
        }
        else