[strongSwan-dev] problem with handling multiple Quick mode messages, message handled by incorrect task

[SM K]

Hi,

I am seeing a problem when a Juniper SSG sends multiple Quick Mode requests
(for different tunnels) in one quick succession. Our version of strongswan
is 5.1.2 with some selective fixes from later. I see the following happen

1. Juniper sends 3 Quick mode initiation messages.
2. 2 of these messages are handled by 2 separate quick mode tasks on
strongswan and they respond to the peer.
3. The left over quick mode message from 1 gets handed over to a task from
2.
4. That task seems to handle this message like  the 3rd message from the
handshake and a Child SA is established.
5. The actual third message from the Juniper comes and is given to another
quick mode task that now returns a Malformed Packet error.
6. Somewhere down the line I also see an invalid hash message and message
decryption failed.

I would to know if something like this is possible and has been seen by
others.
How is the decision to hand over a Quick mode initiation message to a task
that is awaiting the third Quick mode message is made? How would I fix
something like this?

regards,
sk
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/dev/attachments/20150909/bd2c6d4e/attachment.html>