irmd: Drop replayed flow alloc requests

A duplicating link could deliver the same alloc request twice.
OAP detected the replay but still replied over the wire, so the
requester saw a second flow_alloc_reply on an already-allocated
flow and reg_respond_alloc tripped its PENDING-state assertion.

Add EREPLAY so the OAP server can signal replays distinctly;
flow_accept drops them silently. As a safety net, reg_respond_alloc
warn-drops late replies instead of asserting.

Signed-off-by: Dimitri Staessens <dimitri@ouroboros.rocks>
Signed-off-by: Sander Vrijders <sander@ouroboros.rocks>

1 files changed, 13 insertions, 2 deletions

diff --git a/src/irmd/oap/srv.c b/src/irmd/oap/srv.c
index afc54acc..ce97654f 100644
--- a/src/irmd/oap/srv.c
+++ b/src/irmd/oap/srv.c
@@ -393,6 +393,7 @@ int oap_srv_process(const struct name_info * info,
         void *                pkp = NULL;
         void *                crt = NULL;
         int                   req_md_nid;
+        int                   ret;
 
         assert(info != NULL);
         assert(rsp_buf != NULL);
@@ -427,8 +428,13 @@ int oap_srv_process(const struct name_info * info,
 
         id = peer_hdr.id.data; /* Logging */
 
-        if (oap_check_hdr(&peer_hdr) < 0) {
-                log_err_id(id, "OAP header failed replay check.");
+        ret = oap_check_hdr(&peer_hdr);
+        if (ret == -EREPLAY) {
+                log_warn_id(id, "OAP header failed replay check.");
+                goto fail_replay;
+        }
+        if (ret < 0) {
+                log_err_id(id, "OAP header check failed.");
                 goto fail_auth;
         }
 
@@ -491,6 +497,11 @@ int oap_srv_process(const struct name_info * info,
  fail_cred:
         return -EAUTH;
 
+ fail_replay:
+        crypt_free_crt(crt);
+        crypt_free_key(pkp);
+        return -EREPLAY;
+
  fail_kex:
         crypt_free_crt(crt);
         crypt_free_key(pkp);