ike: Do not send initial contact only for UNIQUE_NEVER
Signed-off-by: Thomas Egerer <thomas.egerer@secunet.com>
This commit is contained in:
parent
6ce7ae24a4
commit
2dad293647
|
@ -221,8 +221,7 @@ static void add_initial_contact(private_main_mode_t *this, message_t *message,
|
|||
idr = this->ph1->get_id(this->ph1, this->peer_cfg, FALSE);
|
||||
if (idr && !idr->contains_wildcards(idr))
|
||||
{
|
||||
if (this->peer_cfg->get_unique_policy(this->peer_cfg) != UNIQUE_NO &&
|
||||
this->peer_cfg->get_unique_policy(this->peer_cfg) != UNIQUE_NEVER)
|
||||
if (this->peer_cfg->get_unique_policy(this->peer_cfg) != UNIQUE_NEVER)
|
||||
{
|
||||
host = this->ike_sa->get_other_host(this->ike_sa);
|
||||
if (!charon->ike_sa_manager->has_contact(charon->ike_sa_manager,
|
||||
|
|
|
@ -471,7 +471,6 @@ METHOD(task_t, build_i, status_t,
|
|||
|
||||
if (idr && !idr->contains_wildcards(idr) &&
|
||||
message->get_message_id(message) == 1 &&
|
||||
this->peer_cfg->get_unique_policy(this->peer_cfg) != UNIQUE_NO &&
|
||||
this->peer_cfg->get_unique_policy(this->peer_cfg) != UNIQUE_NEVER)
|
||||
{
|
||||
host_t *host;
|
||||
|
|
|
@ -216,7 +216,7 @@ connections.<conn>.unique = no
|
|||
On initiators this setting specifies whether an INITIAL_CONTACT notify is
|
||||
sent during IKE_AUTH if no existing connection is found with the remote
|
||||
peer (determined by the identities of the first authentication round).
|
||||
Only if set to _keep_ or _replace_ will the client send a notify.
|
||||
Unless set to _never_ the client will send a notify.
|
||||
|
||||
connections.<conn>.reauth_time = 0s
|
||||
Time to schedule IKE reauthentication.
|
||||
|
|
Loading…
Reference in New Issue