kern/58559: experimental wg(4) never times out of INIT_PASSIVE state

[campbell+netbsd%mumble.net@localhost]

>Number:         58559
>Category:       kern
>Synopsis:       experimental wg(4) never times out of INIT_PASSIVE state
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    kern-bug-people
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Wed Aug 07 12:50:01 +0000 2024
>Originator:     Taylor R Campbell
>Release:        current, 10
>Organization:
The NotWG Foundwhere are you?
>Environment:
>Description:
When wg(4) receives a handshake initiation, it will send a handshake response and wait for the first data packet from the peer:

[W] 6.3 Key Rotation
"But, keep in mind that after an initiator receives a handshake response (section 5.4.3), the responder cannot send transport data messages (section 5.4.6) until it has received the first transport data message from the initiator."

If the peer initiates and never sends that first data packet -- e.g., the network blips out for a couple minutes between the handshake initiation and the first data packet, so the initiator gives up -- then wg(4) gets stuck, even if it has packets to send, because the session destruction timer:

1. destroys the _unstable_ session only when it is in DESTROYING state, and
2. destroys the _stable_ session only when it is in ESTABLISHED state,

but in this case the unstable session is in INIT_PASSIVE state.
>How-To-Repeat:
Send a handshake initiation message to wg(4) and don't follow up with a data message.
>Fix:
Teach the session destruction timer to destroy the unstable session if it is in INIT_PASSIVE state and old enough.

(INIT_ACTIVE state will be handled by the handshake retry logic, so there is no need to handle that differently.)