ims-volte-vowifi
/
strongswan
9
0
Fork 0
Code Pull Requests Releases Activity

Don't retransmit, rekey, reauth or DPD check SAs when in PASSIVE state

This commit is contained in:
Martin Willi 2012-01-10 13:32:06 +01:00
parent dcefa26787
commit 916cdca851
1 changed files with 26 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

26
src/libcharon/sa/ike_sa.c
View File

@ -559,6 +559,10 @@ METHOD(ike_sa_t, send_dpd, status_t,
job_t *job;
time_t diff, delay;
if (this->state == IKE_PASSIVE)
{
return INVALID_STATE;
}
delay = this->peer_cfg->get_dpd(this->peer_cfg);
if (this->task_manager->busy(this->task_manager))
{
@ -1431,6 +1435,11 @@ METHOD(ike_sa_t, rekey_child_sa, status_t,
{
child_rekey_t *child_rekey;
if (this->state == IKE_PASSIVE)
{
return INVALID_STATE;
}
child_rekey = child_rekey_create(&this->public, protocol, spi);
this->task_manager->queue_task(this->task_manager, &child_rekey->task);
return this->task_manager->initiate(this->task_manager);
@ -1441,6 +1450,11 @@ METHOD(ike_sa_t, delete_child_sa, status_t,
{
child_delete_t *child_delete;
if (this->state == IKE_PASSIVE)
{
return INVALID_STATE;
}
child_delete = child_delete_create(&this->public, protocol, spi);
this->task_manager->queue_task(this->task_manager, &child_delete->task);
return this->task_manager->initiate(this->task_manager);
@ -1500,6 +1514,10 @@ METHOD(ike_sa_t, rekey, status_t,
{
ike_rekey_t *ike_rekey;
if (this->state == IKE_PASSIVE)
{
return INVALID_STATE;
}
ike_rekey = ike_rekey_create(&this->public, TRUE);
this->task_manager->queue_task(this->task_manager, &ike_rekey->task);
@ -1511,6 +1529,10 @@ METHOD(ike_sa_t, reauth, status_t,
{
task_t *task;
if (this->state == IKE_PASSIVE)
{
return INVALID_STATE;
}
/* we can't reauthenticate as responder when we use EAP or virtual IPs.
* If the peer does not support RFC4478, there is no way to keep the
* IKE_SA up. */
@ -1708,6 +1730,10 @@ static void requeue_init_tasks(private_ike_sa_t *this)
METHOD(ike_sa_t, retransmit, status_t,
private_ike_sa_t *this, u_int32_t message_id)
{
if (this->state == IKE_PASSIVE)
{
return INVALID_STATE;
}
this->stats[STAT_OUTBOUND] = time_monotonic(NULL);
if (this->task_manager->retransmit(this->task_manager, message_id) != SUCCESS)
{