diff options
author | Filip Tehlar <ftehlar@cisco.com> | 2021-02-15 14:06:45 +0000 |
---|---|---|
committer | Beno�t Ganne <bganne@cisco.com> | 2021-02-19 09:32:35 +0000 |
commit | 428a442a5c00892795f24c6634c0b00d3eaa26d1 (patch) | |
tree | 715846cae1d79a9c37f8a95e5fe3f0cbc82c1eee /src/plugins/ikev2 | |
parent | ee5cd4e47078f0f3f0cab93fd1aff3bf1e70bca5 (diff) |
ikev2: start counting msgid from 0
This fixes an issue when initiator is expecting request with intitial
msgid being 0 but 1 is received instead which results in retransmission
(instead of normally processing the new request).
Type: fix
Change-Id: I60062276bd93de78128847c5b15f5d6cecf1df65
Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
Diffstat (limited to 'src/plugins/ikev2')
-rw-r--r-- | src/plugins/ikev2/ikev2.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/src/plugins/ikev2/ikev2.c b/src/plugins/ikev2/ikev2.c index f33496cde2f..d5dd013e0a5 100644 --- a/src/plugins/ikev2/ikev2.c +++ b/src/plugins/ikev2/ikev2.c @@ -2732,7 +2732,7 @@ ikev2_retransmit_resp (ikev2_sa_t * sa, ike_header_t * ike) u32 msg_id = clib_net_to_host_u32 (ike->msgid); /* new req */ - if (msg_id > sa->last_msg_id) + if (msg_id > sa->last_msg_id || sa->last_msg_id == ~0) { sa->last_msg_id = msg_id; return 0; @@ -3146,6 +3146,7 @@ ikev2_node_internal (vlib_main_t *vm, vlib_node_runtime_t *node, if (sa0->is_initiator) { + sa0->last_msg_id = ~0; ikev2_del_sa_init (sa0->ispi); } else @@ -3153,7 +3154,6 @@ ikev2_node_internal (vlib_main_t *vm, vlib_node_runtime_t *node, sa0->stats.n_sa_auth_req++; stats->n_sa_auth_req++; ike0->flags = IKEV2_HDR_FLAG_RESPONSE; - sa0->last_init_msg_id = 1; slen = ikev2_generate_message (b0, sa0, ike0, 0, udp0, stats); if (~0 == slen) |