[Swan-dev] decryption could change selected state transition

Paul Wouters paul at nohats.ca
Tue Feb 17 21:12:25 EET 2015

On Mon, 16 Feb 2015, Andrew Cagney wrote:

> Problem is, ikev2_process_decrypted_payloads does the following:
> - unpacks the payload saving the result (good)
> - starting with the previously selected transition, search the state
> transition table for a transition that matches the payload contents;
> if a match is found the message digest is updated
> - if no transition matches, issue an error/fail for the last bad match
> It's that middle bit that is wrong.  It is there so that the
> transition search code can look deeper into a packet for the correct
> match (for instance a INIT response with a COOKIE or INVALID_KE
> notification)

An IKE_INIT packet does not contain encrypted payloads? eg it has no
.req_enc_payloads or .opt_enc_payloads entry in the SMF2. We would
reject it if the packet had an encrypted payload.

> Fortunately, none of the transitions involving an encrypted payload
> have SMF2_CONTINUE_MATCH set so it won't happen.
> confusing - to me the code iterating through the table should be kept
> separate (which means splitting up the function)

I'm not sure I understand what you think is a problem?


More information about the Swan-dev mailing list