[strongSwan-dev] [PATCH 0/2] Rekeying collisions vs. delete action

Thomas Egerer thomas.egerer at secunet.com
Tue Jun 1 09:52:19 CEST 2010


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hello Martin, *,

our hardcore-rekeying test (every 2 seconds) revealed another flaw
whenever one of the peers has an SA configured to be restarted on close
(dpdaction restart). If the peer with the SA configured to be restarted
wins the rekey collision it honors the restart action once the other
peers sends a delete notification, and reinitiates the (actually
duplicate) SA. This results in a growing number of superseded child sas
(which I cleverly configured to time out in an infinite time, i.e.
never). So after quite some runtime of the test I can count the
impressive number of 22'000 child sas never to be used again.
The attached patch introduces a new data member to the child sa, that
can be used to set and retrieve information on whether the child is
going to be deleted by the peer, so that the SAs delete action is going
to be ignored.

Thomas
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iEYEARECAAYFAkwEvDMACgkQDXd94wpQmdypnwCgiZXP1k17iXsrvAMDqpt9FrO4
y78An0Dmwbmbvmfr1DNLqbgByFPz6GOz
=f2ML
-----END PGP SIGNATURE-----




More information about the Dev mailing list