In case of an invalid SA resp is passed to ikev2_msg_cleanup without

author mbuhl <mbuhl@openbsd.org>

Fri, 11 Nov 2022 16:17:16 +0000 (16:17 +0000)

committer mbuhl <mbuhl@openbsd.org>

Fri, 11 Nov 2022 16:17:16 +0000 (16:17 +0000)
author mbuhl <mbuhl@openbsd.org>
Fri, 11 Nov 2022 16:17:16 +0000 (16:17 +0000)
committer mbuhl <mbuhl@openbsd.org>
Fri, 11 Nov 2022 16:17:16 +0000 (16:17 +0000)
diff --git a/sbin/iked/ikev2_msg.c b/sbin/iked/ikev2_msg.c

index 96d1302..05e26af 100644 (file)
--- a/sbin/iked/ikev2_msg.c
+++ b/sbin/iked/ikev2_msg.c
@@ -1,4 +1,4 @@
-/*     $OpenBSD: ikev2_msg.c,v 1.87 2022/09/21 22:32:11 tobhe Exp $    */
+/*     $OpenBSD: ikev2_msg.c,v 1.88 2022/11/11 16:17:16 mbuhl Exp $    */
  
  /*
   * Copyright (c) 2019 Tobias Heider <tobias.heider@stusta.de>
@@ -811,7 +811,8 @@ ikev2_send_encrypted_fragments(struct iked *env, struct iked_sa *sa,
             sa->sa_encr == NULL ||
             sa->sa_integr == NULL) {
                 log_debug("%s: invalid SA", __func__);
-               goto done;
+               ikestat_inc(env, ikes_frag_send_failures);
+               return ret;
         }
  
         sa_fam = ((struct sockaddr *)&sa->sa_local.addr)->sa_family;
author	mbuhl <mbuhl@openbsd.org>
	Fri, 11 Nov 2022 16:17:16 +0000 (16:17 +0000)
committer	mbuhl <mbuhl@openbsd.org>
	Fri, 11 Nov 2022 16:17:16 +0000 (16:17 +0000)