[Swan-dev] encrypted informational message when in state R1?

Andrew Cagney andrew.cagney at gmail.com
Mon Feb 16 22:32:51 EET 2015


Hi,

I'm trying to understand this:

    /* Informational Exchange */
    { .story      = "R1: process INFORMATIONAL",
      .state      = STATE_PARENT_R1,
      .next_state = STATE_PARENT_R1,
      .flags      = SMF2_STATENEEDED,
      .req_clear_payloads = P(SK),
      .opt_enc_payloads = P(N) | P(D) | P(CP),
      .processor  = process_encrypted_informational_ikev2,
      .recv_type  = ISAKMP_v2_INFORMATIONAL,
      .timeout_event = EVENT_RETAIN, },

from ikev2.c.

Several things make me think this transition won't happen or the
message will be ignored:

- to me, RFC 7296 makes it really clear that during the INIT and AUTH
exchanges the only valid messages are of type INIT and AUTH and not
INFORMATIONAL - a packet of this type just isn't allowed at this point
(there's an edge case at the end of AUTH, but by then the responder
had better be in state R2
http://tools.ietf.org/html/rfc7296#section-2.21.2)

- when the responder is in state R1, while it has all the DH material,
it hasn't done the DH calculation (pluto delays that until the R1->R2
transition); consequently, if such a packet were to be received it
would be rejected anyway with STF_FAIL because
!st->hidden_variables.st_skeyid_calculated (see ikev2_decrypt_msg).

Can someone convince me otherwise :-)
Andrew
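
The argument in the message above, modelled as an added example (not pluto's code and not part of the original post): a table entry that matches an INFORMATIONAL message in R1 is still rejected at decryption, because the keys only exist once the AUTH transition has run the DH calculation. All type, field and function names are hypothetical simplifications.

```c
/* Added illustration: simplified model, NOT pluto's code. All names hypothetical. */
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>

enum state  { ST_R1, ST_R2 };
enum exch   { EX_AUTH, EX_INFORMATIONAL };
enum result { RES_OK, RES_FAIL, RES_NO_TRANSITION };

struct sa {
    enum state state;
    bool keys_calculated;   /* false in R1: the DH calculation is deferred */
};
struct transition {
    enum state state, next_state;
    enum exch recv_type;
    bool computes_keys;     /* processor runs the DH calculation before decrypting */
};

static const struct transition table[] = {
    { ST_R1, ST_R1, EX_INFORMATIONAL, false },  /* the entry in question */
    { ST_R1, ST_R2, EX_AUTH,          true  },
    { ST_R2, ST_R2, EX_INFORMATIONAL, false },
};

/* Every modelled message carries an SK payload, so it must decrypt. */
static enum result decrypt_msg(const struct sa *sa) {
    return sa->keys_calculated ? RES_OK : RES_FAIL;
}

enum result process(struct sa *sa, enum exch type) {
    for (size_t i = 0; i < sizeof table / sizeof table[0]; i++) {
        const struct transition *t = &table[i];
        if (t->state != sa->state || t->recv_type != type)
            continue;
        if (t->computes_keys)
            sa->keys_calculated = true;   /* stands in for the real DH work */
        if (decrypt_msg(sa) != RES_OK)
            return RES_FAIL;              /* rejected; state is left unchanged */
        sa->state = t->next_state;
        return RES_OK;
    }
    return RES_NO_TRANSITION;
}

int main(void) {
    struct sa sa = { ST_R1, false };
    printf("INFORMATIONAL in R1: %d\n", process(&sa, EX_INFORMATIONAL));
    printf("AUTH in R1:          %d\n", process(&sa, EX_AUTH));
    return 0;
}
```

In this model the R1 INFORMATIONAL entry is matched by the table lookup but can never complete, which is the situation the message describes.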

