ike-sa-manager: Don't update entries for init messages after unlocking segment
author Tobias Brunner <tobias@strongswan.org>
Mon, 18 Jan 2016 16:33:29 +0000 (17:33 +0100)
committer Tobias Brunner <tobias@strongswan.org>
Mon, 1 Feb 2016 09:39:29 +0000 (10:39 +0100)
If the retransmit of an initial message is processed concurrently with the
original message, it might not have been handled as intended, as the
thread processing the retransmit might not have seen the correct value
of entry->processing set by the thread handling the original request.

For IKEv1, i.e. without proper message IDs, there might still be races e.g.
when receiving a retransmit of the initial IKE message while processing the
initiator's second request.

Fixes #1269.
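The ordering problem described in the commit message, as an added illustration that is not strongSwan code: a single-segment table of entries, a creator that publishes an entry with put_entry() and then either sets the identifying fields before publishing (the ordering this commit introduces) or after dropping the segment lock (the old ordering), and a second "thread" that handles the retransmitted initial message in between. The names entry_t, put_entry, find_by_init_hash, begin_create, finish_create, handle_retransmit and simulate_race are hypothetical stand-ins, the lock is modelled by a flag rather than a mutex, and the interleaving is written out explicitly instead of using real threads so the outcome is deterministic.

```c
/* Added illustration of the entry->processing / init_hash ordering race.
 * Not strongSwan code; all names and the table layout are hypothetical. */
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define MAX_ENTRIES 4

enum { SA_CREATED = 1, RETRANSMIT_DROPPED = 2 };

typedef struct {
    bool     in_use;
    uint32_t unique_id;
    uint32_t processing;  /* message ID (or hash) currently being processed */
    uint32_t init_hash;   /* hash of the initial message; 0 = not yet set */
    bool     checked_out;
} entry_t;

static entry_t  table[MAX_ENTRIES];  /* one "segment" of the manager's table */
static bool     segment_locked;
static uint32_t next_unique_id;

static void lock_segment(void)   { segment_locked = true; }
static void unlock_segment(void) { segment_locked = false; }

/* Copy a prepared entry into the table; caller holds the segment lock.
 * Fields not set in *prepared are invisible to others until the creator
 * writes them later, possibly without the lock. */
static entry_t *put_entry(const entry_t *prepared)
{
    for (int i = 0; i < MAX_ENTRIES; i++) {
        if (!table[i].in_use) {
            table[i] = *prepared;
            table[i].in_use = true;
            table[i].unique_id = next_unique_id++;
            return &table[i];
        }
    }
    return NULL;
}

/* Lookup a retransmit handler does: which entry owns this initial message? */
static entry_t *find_by_init_hash(uint32_t hash)
{
    entry_t *found = NULL;
    lock_segment();
    for (int i = 0; i < MAX_ENTRIES; i++) {
        if (table[i].in_use && table[i].init_hash == hash) {
            found = &table[i];
            break;
        }
    }
    unlock_segment();
    return found;
}

/* Creation up to the point where the segment lock is released. With
 * fix_applied the identifying fields are set before put_entry() publishes
 * the entry; otherwise finish_create() fills them in after the unlock. */
static entry_t *begin_create(uint32_t hash, bool fix_applied)
{
    entry_t prepared = { .checked_out = true };
    if (fix_applied) {
        prepared.processing = hash;
        prepared.init_hash = hash;
    }
    lock_segment();
    entry_t *e = put_entry(&prepared);
    unlock_segment();
    return e;
}

static void finish_create(entry_t *e, uint32_t hash)
{
    e->processing = hash;  /* old ordering: written after the lock is gone */
    e->init_hash = hash;
}

/* Retransmit of the initial message: if an entry for it is visible and is
 * already processing this message, drop the retransmit; if nothing is
 * visible, a second IKE_SA gets created for the same initial exchange. */
static int handle_retransmit(uint32_t hash, bool fix_applied)
{
    entry_t *e = find_by_init_hash(hash);
    if (e && e->processing == hash) {
        return RETRANSMIT_DROPPED;
    }
    begin_create(hash, fix_applied);
    return SA_CREATED;
}

/* Interleaving: original creates and unlocks, retransmit is handled, then
 * (old ordering only) the original finishes. Returns the IKE_SA count and
 * reports what happened to the retransmit through *outcome. */
static int simulate_race(bool fix_applied, int *outcome)
{
    const uint32_t hash = 0xC0FFEE;  /* constructed initial-message hash */
    memset(table, 0, sizeof(table));
    segment_locked = false;
    next_unique_id = 1;
    entry_t *e = begin_create(hash, fix_applied);
    int result = handle_retransmit(hash, fix_applied);
    if (!fix_applied) {
        finish_create(e, hash);
    }
    if (outcome) {
        *outcome = result;
    }
    int count = 0;
    for (int i = 0; i < MAX_ENTRIES; i++) {
        count += table[i].in_use;
    }
    return count;
}

int main(void)
{
    printf("old ordering: %d IKE_SA(s), fixed ordering: %d IKE_SA(s)\n",
           simulate_race(false, NULL), simulate_race(true, NULL));
    return 0;
}
```

With the old ordering the retransmit handler looks up the hash while init_hash is still 0, finds nothing and creates a second IKE_SA; with the fields set before put_entry() the lookup sees processing == hash and discards the retransmit, which is the behaviour the patch restores.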

src/libcharon/sa/ike_sa_manager.c

index 4625df5..3d15009 100644
@@ -1288,14 +1288,13 @@ METHOD(ike_sa_manager_t, checkout_by_message, ike_sa_t*,
                                                entry = entry_create();
                                                entry->ike_sa = ike_sa;
                                                entry->ike_sa_id = id;
+                                               entry->processing = get_message_id_or_hash(message);
+                                               entry->init_hash = hash;
 
                                                segment = put_entry(this, entry);
                                                entry->checked_out = TRUE;
                                                unlock_single_segment(this, segment);
 
-                                               entry->processing = get_message_id_or_hash(message);
-                                               entry->init_hash = hash;
-
                                                DBG2(DBG_MGR, "created IKE_SA %s[%u]",
                                                         ike_sa->get_name(ike_sa),
                                                         ike_sa->get_unique_id(ike_sa));
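Review bot: the assignments to entry->processing and entry->init_hash now come before put_entry(), so they are visible under the segment lock, but nothing in the hunk records why that order matters; a one-line comment above `entry->processing = get_message_id_or_hash(message);` stating that these fields must be set before the entry is published, because a thread handling a retransmit may look at them as soon as unlock_single_segment() returns, would keep a later refactor from moving them back below the unlock. The same comment is a good place to note the remaining IKEv1 race the commit message mentions (a retransmit of the first message arriving while the initiator's second request is being processed), so readers of this code do not assume the ordering fix covers it.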