ike-sa: Avoid possible integer underflow when scheduling reauth after rekeying
author Tobias Brunner <tobias@strongswan.org>
Fri, 15 Jan 2021 15:19:49 +0000 (16:19 +0100)
committer Tobias Brunner <tobias@strongswan.org>
Fri, 12 Feb 2021 14:49:08 +0000 (15:49 +0100)
If the reauthentication is scheduled while rekeying, the difference
might be negative; however, schedule_job() takes an unsigned int,
so the reauth would get scheduled very far in the future.

src/libcharon/sa/ike_sa.c

index 99c1116..0f6f433 100644
@@ -2982,7 +2982,7 @@ METHOD(ike_sa_t, inherit_post, void,
                time_t reauth, delete, now = time_monotonic(NULL);
 
                this->stats[STAT_REAUTH] = other->stats[STAT_REAUTH];
-               reauth = this->stats[STAT_REAUTH] - now;
+               reauth = max(0, this->stats[STAT_REAUTH] - now);
                delete = reauth + this->peer_cfg->get_over_time(this->peer_cfg);
                this->stats[STAT_DELETE] = this->stats[STAT_REAUTH] + delete;
                DBG1(DBG_IKE, "rescheduling reauthentication in %ds after rekeying, "
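Review bot: the clamp on the `+` line silently turns an already-expired reauth time into an immediate reschedule, and nothing in the hunk explains why; add a one-line comment above `reauth = max(0, this->stats[STAT_REAUTH] - now);` stating that the value is later passed to schedule_job() as an unsigned delay and must not go negative, otherwise the next reader will see `max(0, ...)` on a signed time_t difference and wonder whether it is a leftover. Two follow-ups on the unchanged context lines: when the clamp fires, the DBG1 message "rescheduling reauthentication in %ds" will report 0 seconds, which is accurate but worth calling out in the log text so operators do not mistake it for a configuration error; and `delete = reauth + ...over_time` followed by `this->stats[STAT_DELETE] = this->stats[STAT_REAUTH] + delete;` combines an absolute timestamp (STAT_REAUTH) with a delay that is already relative to `now`, so please confirm the intended absolute delete time is `now + delete` rather than `STAT_REAUTH + delete`, since with the clamp in place these two differ exactly in the case this change targets.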