[Swan-commit] Changes to ref refs/heads/master
cagney at vault.libreswan.fi
Thu May 30 14:39:51 UTC 2019
Author: Andrew Cagney <cagney at gnu.org>
Date: Thu May 30 09:52:04 2019 -0400
ikev2: correctly complete_v2_state_transition() when the unencrypted message is invalid
Changes the effectively useless:
complete_v2_state_transition(NULL, &MD, STF_FAIL)
complete_v2_state_transition(ST, &MD, STF_IGNORE)
where STF_IGNORE is the secret code for drop the packet like a hot
potato and reverting any mid-state changes.
Things "worked" because both code paths, in the end, did nothing.
Correctly tracking Message IDs means that needs to change.
The tests playing with critical bits exercise this code path.
More information about the Swan-commit