[Swan-commit] Changes to ref refs/heads/main

Andrew Cagney cagney at vault.libreswan.fi
Wed Sep 15 20:10:21 UTC 2021

New commits:
commit 4de41f62c50f17b537a5cf70bdddf9aa794587b2
Author: Andrew Cagney <cagney at gnu.org>
Date:   Wed Sep 15 12:51:31 2021 -0400

    ikev2: cleanup / simplify the secured exchange path
    Establish and then exploit the "fun fact" that the two statements:
      - the exchange is IKE_SA_INIT
      - the exchange is secured (has encrypted+protected SK/SKF payloads)
    are mutually exclusive.
    Hopefully remove the last vestiges of code trying to juggle these two
    conflicting statements while using a single code path.  Also overhaul
    comments (CREATE_CHILD_SA no longer switches states, *MDP no longer
    exists so can't be set to NULL, there's no reason to select a single
    winning current-state, secured exchanges can assume st->st_state).
    The new code now works roughly as follows:
    -> first:
       - if the exchange is IKE_SA_INIT go elsewhere
    -> since it isn't an IKE_SA_INIT exchange, could it be a secured
       exchange? (since the message isn't yet trusted, don't respond)
       - find the IKE SA, else drop
       - not a duplicate, else drop/re-transmit
       - unpack the message payloads, else drop
       - check message payloads are plausible, else drop
    -> everything (IKE SA, SK/SKF payloads, secured state) seems to be
       there, is it really secure? (since the message still isn't trusted,
       don't respond)
       - accumulate fragments, possibly bail
       - deal with SKEYSEED (should background this), possibly bail
       - defragment and decrypt message, else drop
    -> yes, the secured message is from the [possibly unauthenticated]
       peer, can it be processed? (the message is trusted, response is ok)
       - unpack secure payload, else fatal
       - find transition, else fatal
       - execute transition

More information about the Swan-commit mailing list