ike-sa: Reauthenticate to the same addresses we currently use
If the SA got redirected this would otherwise cause a reauthentication with the original gateway. Reestablishing the SA to the original gateway, if e.g. the new gateway is not reachable makes sense though.
This commit is contained in:
parent
c13eb73719
commit
7505fb8d45
|
@ -1950,8 +1950,11 @@ METHOD(ike_sa_t, reestablish, status_t,
|
|||
host = this->my_host;
|
||||
new->set_my_host(new, host->clone(host));
|
||||
charon->bus->ike_reestablish_pre(charon->bus, &this->public, new);
|
||||
/* resolve hosts but use the old addresses above as fallback */
|
||||
resolve_hosts((private_ike_sa_t*)new);
|
||||
if (!has_condition(this, COND_REAUTHENTICATING))
|
||||
{ /* reauthenticate to the same addresses, but resolve hosts if
|
||||
* reestablishing (old addresses serve as fallback) */
|
||||
resolve_hosts((private_ike_sa_t*)new);
|
||||
}
|
||||
/* if we already have a virtual IP, we reuse it */
|
||||
enumerator = array_create_enumerator(this->my_vips);
|
||||
while (enumerator->enumerate(enumerator, &host))
|
||||
|
|
Loading…
Reference in New Issue