summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorFilip Tehlar <ftehlar@cisco.com>2019-09-04 11:34:15 +0000
committerDamjan Marion <dmarion@me.com>2019-09-06 16:08:29 +0000
commitb736e75d5bb2d132fb00c35b6aabaa52e5f624ad (patch)
tree27573f1a66ba16aee2fabec18ef7543dda803cf7
parenta1876b84e5598fcfad1debe5abb51d152e06a66e (diff)
ikev2: fix crash during IKE SA Init exchange
Type: fix Change-Id: If827fe348fe35d1221d29f91b7e6ea1624d13999 Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
-rw-r--r--src/plugins/ikev2/ikev2.c7
1 files changed, 1 insertions, 6 deletions
diff --git a/src/plugins/ikev2/ikev2.c b/src/plugins/ikev2/ikev2.c
index e7b2f92941d..a03e761cba4 100644
--- a/src/plugins/ikev2/ikev2.c
+++ b/src/plugins/ikev2/ikev2.c
@@ -3036,6 +3036,7 @@ ikev2_initiate_sa_init (vlib_main_t * vm, u8 * name)
ike0->flags = IKEV2_HDR_FLAG_INITIATOR;
ike0->exchange = IKEV2_EXCHANGE_SA_INIT;
ike0->ispi = sa.ispi;
+ ike0->rspi = 0;
/* store whole IKE payload - needed for PSK auth */
vec_free (sa.last_sa_init_req_packet_data);
@@ -3049,12 +3050,6 @@ ikev2_initiate_sa_init (vlib_main_t * vm, u8 * name)
sa.i_auth.method = p->auth.method;
sa.i_auth.hex = p->auth.hex;
sa.i_auth.data = vec_dup (p->auth.data);
-#if OPENSSL_VERSION_NUMBER >= 0x10100000L
- clib_memcpy_fast (sa.i_auth.key, p->auth.key,
- EVP_PKEY_size (p->auth.key));
-#else
- sa.i_auth.key = vec_dup (p->auth.key);
-#endif
vec_add (sa.childs[0].tsi, &p->loc_ts, 1);
vec_add (sa.childs[0].tsr, &p->rem_ts, 1);