Raise a bus alert when a received message contains unknown SPIs
authorMartin Willi <martin@revosec.ch>
Mon, 8 Oct 2012 09:09:31 +0000 (11:09 +0200)
committerMartin Willi <martin@revosec.ch>
Wed, 24 Oct 2012 09:34:30 +0000 (11:34 +0200)
src/libcharon/bus/bus.h
src/libcharon/sa/ike_sa_manager.c

index 4bde243..c732b8c 100644 (file)
@@ -92,6 +92,8 @@ enum alert_t {
        ALERT_PEER_ADDR_FAILED,
        /** peer did not respond to initial message, current try (int, 0-based) */
        ALERT_PEER_INIT_UNREACHABLE,
+       /** received IKE message with invalid SPI, argument is message_t* */
+       ALERT_INVALID_IKE_SPI,
 };
 
 /**
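Review bot: The doc comment on `ALERT_INVALID_IKE_SPI` omits two things a listener author needs: that the message comes from a failed SA lookup rather than a verified exchange, and who owns the `message_t*`. The commit title says "unknown SPIs" while the comment says "invalid SPI", so I would align the wording and state the contract, for example `/** received IKE message with unknown SPI; argument is message_t* (unauthenticated, not owned by the listener) */`. The ownership part is inferred from the call site in ike_sa_manager.c, where the message is passed without any visible transfer, so confirm it before adopting the text.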
index a396235..cccf5d0 100644 (file)
@@ -1274,6 +1274,10 @@ METHOD(ike_sa_manager_t, checkout_by_message, ike_sa_t*,
                }
                unlock_single_segment(this, segment);
        }
+       else
+       {
+               charon->bus->alert(charon->bus, ALERT_INVALID_IKE_SPI, message);
+       }
        id->destroy(id);
        charon->bus->set_sa(charon->bus, ike_sa);
        return ike_sa;
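Review bot: The new `else` branch raises `ALERT_INVALID_IKE_SPI` once per received message whose lookup misses, and nothing in the hunk throttles it. Such a message is presumably unauthenticated, since no SA was found to verify it against, so the alert rate is set by whoever sends the packets. A listener that logs or does per-alert work inherits that load, so I would document the expectation at the call, for example `/* unauthenticated input: listeners must rate-limit and must not trust message contents */`. The alert is also raised before `charon->bus->set_sa(charon->bus, ike_sa)`, so listeners presumably see the thread's earlier SA context; a short comment would help if that is intended. The `if` this `else` pairs with and the start of `checkout_by_message` are outside the hunk.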