artulab
projects / openbsd / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 0344f19) | patch
Fix error in the comparison of the Child SA nonces to decide which
authortobhe <tobhe@openbsd.org>
Mon, 4 Jul 2022 08:39:55 +0000 (08:39 +0000)
committertobhe <tobhe@openbsd.org>
Mon, 4 Jul 2022 08:39:55 +0000 (08:39 +0000)
commit09a7f1736bfe877b04e90f4f62962a2791fd5e9d
treef181997c22bd12ac36bae76af5f9323a5c9648e9tree | snapshot
parent0344f19173eb6e2a0ee0e2cde8d5364a904e8174commit | diff
Fix error in the comparison of the Child SA nonces to decide which
SA shall be deleted. ni should be set to the minimum nonce for the
exchange intitiated by us while nr should be the smaller of the
nonces of the simultaneous exchange initiated by the peer, which
is stored in sa_simulat.
This fixes the ni < nr comparison below and makes sure our Child SA
is only deleted in the correct case as specified in RFC 7296.

Reported by and fix from Sibar Soumi <sibar.soumi (at) achelos.de>
ok mbuhl@
sbin/iked/ikev2.c diff | blob | history
OpenBSD src
by Ahmet Artu Yildirim