Raise a bus alert when a received message contains unknown SPIs

src/libcharon/bus/bus.h

@@ -92,6 +92,8 @@ enum alert_t {
 	ALERT_PEER_ADDR_FAILED,
 	/** peer did not respond to initial message, current try (int, 0-based) */
 	ALERT_PEER_INIT_UNREACHABLE,
+	/** received IKE message with invalid SPI, argument is message_t* */
+	ALERT_INVALID_IKE_SPI,
 };
 
 /**

src/libcharon/sa/ike_sa_manager.c

@@ -1274,6 +1274,10 @@ METHOD(ike_sa_manager_t, checkout_by_message, ike_sa_t*,
 		}
 		unlock_single_segment(this, segment);
 	}
+	else
+	{
+		charon->bus->alert(charon->bus, ALERT_INVALID_IKE_SPI, message);
+	}
 	id->destroy(id);
 	charon->bus->set_sa(charon->bus, ike_sa);
 	return ike_sa;