mirror of
https://github.com/SoftEtherVPN/SoftEtherVPN.git
synced 2025-07-10 09:44:58 +03:00
Compare commits
7 Commits
5.02.5185
...
0824534515
| Author | SHA1 | Date | |
|---|---|---|---|
| 0824534515 | |||
| 9b97568dc9 | |||
| aeb9330ddb | |||
| 48b536d732 | |||
| 3087e03e0c | |||
| 619ca3d915 | |||
| 36c018b1d9 |
@ -463,13 +463,39 @@ void ProcIPsecEspPacketRecv(IKE_SERVER *ike, UDPPACKET *p)
|
|||||||
seq = READ_UINT(src + sizeof(UINT));
|
seq = READ_UINT(src + sizeof(UINT));
|
||||||
|
|
||||||
// Search and retrieve the IPsec SA from SPI
|
// Search and retrieve the IPsec SA from SPI
|
||||||
|
|
||||||
// thank to @phillibert report, responding to bad SA might lead to amplification
|
|
||||||
// according to RFC4303 we should drop such packets
|
|
||||||
|
|
||||||
ipsec_sa = SearchClientToServerIPsecSaBySpi(ike, spi);
|
ipsec_sa = SearchClientToServerIPsecSaBySpi(ike, spi);
|
||||||
if (ipsec_sa == NULL)
|
if (ipsec_sa == NULL)
|
||||||
{
|
{
|
||||||
|
// Invalid SPI
|
||||||
|
UINT64 init_cookie = Rand64();
|
||||||
|
UINT64 resp_cookie = 0;
|
||||||
|
IKE_CLIENT *c = NULL;
|
||||||
|
IKE_CLIENT t;
|
||||||
|
|
||||||
|
|
||||||
|
Copy(&t.ClientIP, &p->SrcIP, sizeof(IP));
|
||||||
|
t.ClientPort = p->SrcPort;
|
||||||
|
Copy(&t.ServerIP, &p->DstIP, sizeof(IP));
|
||||||
|
t.ServerPort = p->DestPort;
|
||||||
|
t.CurrentIkeSa = NULL;
|
||||||
|
|
||||||
|
if (p->DestPort == IPSEC_PORT_IPSEC_ESP_RAW)
|
||||||
|
{
|
||||||
|
t.ClientPort = t.ServerPort = IPSEC_PORT_IPSEC_ISAKMP;
|
||||||
|
}
|
||||||
|
|
||||||
|
c = Search(ike->ClientList, &t);
|
||||||
|
|
||||||
|
if (c != NULL && c->CurrentIkeSa != NULL)
|
||||||
|
{
|
||||||
|
init_cookie = c->CurrentIkeSa->InitiatorCookie;
|
||||||
|
resp_cookie = c->CurrentIkeSa->ResponderCookie;
|
||||||
|
}
|
||||||
|
|
||||||
|
SendInformationalExchangePacketEx(ike, (c == NULL ? &t : c), IkeNewNoticeErrorInvalidSpiPayload(spi), false,
|
||||||
|
init_cookie, resp_cookie);
|
||||||
|
|
||||||
|
SendDeleteIPsecSaPacket(ike, (c == NULL ? &t : c), spi);
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
@ -2103,7 +2103,7 @@ void StopL2TPThread(L2TP_SERVER *l2tp, L2TP_TUNNEL *t, L2TP_SESSION *s)
|
|||||||
// Interrupt processing of L2TP server
|
// Interrupt processing of L2TP server
|
||||||
void L2TPProcessInterrupts(L2TP_SERVER *l2tp)
|
void L2TPProcessInterrupts(L2TP_SERVER *l2tp)
|
||||||
{
|
{
|
||||||
UINT i, j;
|
UINT i, j, k;
|
||||||
LIST *delete_tunnel_list = NULL;
|
LIST *delete_tunnel_list = NULL;
|
||||||
// Validate arguments
|
// Validate arguments
|
||||||
if (l2tp == NULL)
|
if (l2tp == NULL)
|
||||||
@ -2138,9 +2138,9 @@ void L2TPProcessInterrupts(L2TP_SERVER *l2tp)
|
|||||||
UINT64 l2tpTimeout = L2TP_TUNNEL_TIMEOUT;
|
UINT64 l2tpTimeout = L2TP_TUNNEL_TIMEOUT;
|
||||||
|
|
||||||
// If we got on ANY session a higher timeout than the default L2TP tunnel timeout, increase it
|
// If we got on ANY session a higher timeout than the default L2TP tunnel timeout, increase it
|
||||||
for (i = 0; i < LIST_NUM(t->SessionList); i++)
|
for (k = 0; k < LIST_NUM(t->SessionList); k++)
|
||||||
{
|
{
|
||||||
L2TP_SESSION* s = LIST_DATA(t->SessionList, i);
|
L2TP_SESSION* s = LIST_DATA(t->SessionList, k);
|
||||||
|
|
||||||
if (s->TubeRecv != NULL && s->TubeRecv->DataTimeout > l2tpTimeout)
|
if (s->TubeRecv != NULL && s->TubeRecv->DataTimeout > l2tpTimeout)
|
||||||
{
|
{
|
||||||
|
|||||||
Reference in New Issue
Block a user