[strongSwan-dev] IKEv2 IKE_AUTH request not responded if assembling of previous fragmented request (retransmitted) is in progress

Tobias Brunner tobias at strongswan.org
Wed Oct 28 17:09:33 CET 2020

Hi Totti,

> Particularly it seems to
> occur if the previous request is fragmented and has been already
> responded and then receiving retransmission of already responded request
> only partially. After that Strongswan server is not responding to next
> request coming from client.

Yes, I can see how this may happen.  The current defragmentation state
is only cleared after all fragments of a message have been received.
Until then, fragments of other messages are ignored because the message
ID does not match.  I've pushed a fix to the clear-defrag branch [1].



More information about the Dev mailing list