Issue #3527

Updated by Tobias Brunner 4 months ago


We have a scenario where we (the responder) send an INFORMATIONAL DELETE request for a CHILD_SA to the client (initiator).

The response fails integrity check and contains an incorrect flag set to responder even though the response is from the initiator so strongSwan retransmits the CHILD_SA INFORMATIONAL DELETE.

The response to the retransmitted INFORMATIONAL DELETE contains 2 payloads,
> * the first is a DELETE for the IPSec_SA SPI and
> * the second is the IKE DELETE payload.

We expected the CHILD_SA SPI only in the retransmit response that is associated with the CHILD_SA from the request.

After processing this response packet we are left with the IKE established while the IPSec_SA and initially requested CHILD_SA are removed.
Is the client (initiator) response valid and if so why is strongSwan not removing the IKE and only removing the IPSec_SA and all the CHILD_SA’s?

I have attached a decoded text trace of the exchange. Some parts of IKE AUTH have been removed for brevity.

Packet #16126 Initiator Request IPSec SA SPI 0000048d
Packet #16163 Responder Response IPSec SA SPI c255cd60

Packet #332264 Responder Request Child SA Create SPI c7b9b0dd
Packet #332269 Initiator Response Child SA Create SPI 000079bd

Packet #543209 Responder Request INFORMATIONAL DELETE Child SA SPI c7b9b0dd
Packet #543210 Initiator Response with Integrity check failure and incorrect flag set as RESPONDER for INITIATOR sent packet.

Packet #548806 Responder Request retransmit INFORMATIONAL DELETE Child SA SPI c7b9b0dd
Packet #548807 Initiator Response retransmit INFORMATIONAL DELETE reply with IPSec SA SPI 0000048d and IKE DELETE. <-- is this a valid response to the CHILD SA DELETE?

After the exchange the ipsec statusall on the responder side still contains the IKE SA:

casa: IKEv1/2
casa: local: [%any] uses pre-shared key authentication
casa: remote: [%any] uses EAP authentication
net: child:[tcp/38413] === dynamic TUNNEL
net1: child: === dynamic TUNNEL
Security Associations (1 up, 0 connecting):
casa[910]: ESTABLISHED 24 minutes ago,[]...[]
casa[910]: IKEv2 SPIs: 1602d86c00000000_i 4b89efb88fed0130_r*, rekeying disabled
casa[910]: IKE proposal: AES_CBC_128/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_2048