summaryrefslogtreecommitdiffstats
path: root/src/plugins/ikev2
diff options
context:
space:
mode:
authorFilip Tehlar <ftehlar@cisco.com>2021-02-15 14:06:45 +0000
committerBeno�t Ganne <bganne@cisco.com>2021-02-19 09:32:35 +0000
commit428a442a5c00892795f24c6634c0b00d3eaa26d1 (patch)
tree715846cae1d79a9c37f8a95e5fe3f0cbc82c1eee /src/plugins/ikev2
parentee5cd4e47078f0f3f0cab93fd1aff3bf1e70bca5 (diff)
ikev2: start counting msgid from 0
This fixes an issue when initiator is expecting request with intitial msgid being 0 but 1 is received instead which results in retransmission (instead of normally processing the new request). Type: fix Change-Id: I60062276bd93de78128847c5b15f5d6cecf1df65 Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
Diffstat (limited to 'src/plugins/ikev2')
-rw-r--r--src/plugins/ikev2/ikev2.c4
1 files changed, 2 insertions, 2 deletions
diff --git a/src/plugins/ikev2/ikev2.c b/src/plugins/ikev2/ikev2.c
index f33496cde2f..d5dd013e0a5 100644
--- a/src/plugins/ikev2/ikev2.c
+++ b/src/plugins/ikev2/ikev2.c
@@ -2732,7 +2732,7 @@ ikev2_retransmit_resp (ikev2_sa_t * sa, ike_header_t * ike)
u32 msg_id = clib_net_to_host_u32 (ike->msgid);
/* new req */
- if (msg_id > sa->last_msg_id)
+ if (msg_id > sa->last_msg_id || sa->last_msg_id == ~0)
{
sa->last_msg_id = msg_id;
return 0;
@@ -3146,6 +3146,7 @@ ikev2_node_internal (vlib_main_t *vm, vlib_node_runtime_t *node,
if (sa0->is_initiator)
{
+ sa0->last_msg_id = ~0;
ikev2_del_sa_init (sa0->ispi);
}
else
@@ -3153,7 +3154,6 @@ ikev2_node_internal (vlib_main_t *vm, vlib_node_runtime_t *node,
sa0->stats.n_sa_auth_req++;
stats->n_sa_auth_req++;
ike0->flags = IKEV2_HDR_FLAG_RESPONSE;
- sa0->last_init_msg_id = 1;
slen =
ikev2_generate_message (b0, sa0, ike0, 0, udp0, stats);
if (~0 == slen)