Select IKEv1 configurations by main/aggressive mode option

2012-01-09 16:33:15 +00:00 · 2012-01-09 16:33:15 +00:00 · 91c212fd6a
parent 5ce59d4c06
commit 91c212fd6a
4 changed files with 8 additions and 5 deletions
--- a/src/libcharon/sa/ikev1/phase1.c
+++ b/src/libcharon/sa/ikev1/phase1.c
@ -416,7 +416,8 @@ METHOD(phase1_t, get_auth_method, auth_method_t,
 }

 METHOD(phase1_t, select_config, peer_cfg_t*,
-	private_phase1_t *this, auth_method_t method, identification_t *id)
+	private_phase1_t *this, auth_method_t method, bool aggressive,
+	identification_t *id)
 {
 	enumerator_t *enumerator;
 	peer_cfg_t *current, *found = NULL;
@ -430,7 +431,8 @@ METHOD(phase1_t, select_config, peer_cfg_t*,
 													me, other, NULL, id, IKEV1);
 	while (enumerator->enumerate(enumerator, &current))
 	{
-		if (get_auth_method(this, current) == method)
+		if (get_auth_method(this, current) == method &&
+			current->use_aggressive(current) == aggressive)
 		{
 			found = current->get_ref(current);
 			break;
--- a/src/libcharon/sa/ikev1/phase1.h
+++ b/src/libcharon/sa/ikev1/phase1.h
@ -91,11 +91,12 @@ struct phase1_t {
 	 * Select a peer config as responder.
 	 *
 	 * @param method		used authentication method
+	 * @param aggressive	TRUE to get an aggressive mode config
 	 * @param id			initiator identity
 	 * @return				selected peer config, NULL if none found
 	 */
 	peer_cfg_t* (*select_config)(phase1_t *this, auth_method_t method,
-								 identification_t *id);
+								 bool aggressive, identification_t *id);

 	/**
 	 * Get configured identity from peer config.
--- a/src/libcharon/sa/ikev1/tasks/aggressive_mode.c
+++ b/src/libcharon/sa/ikev1/tasks/aggressive_mode.c
@ -380,7 +380,7 @@ METHOD(task_t, process_r, status_t,
 			this->id_data = id_payload->get_encoded(id_payload);
 			this->ike_sa->set_other_id(this->ike_sa, id);
 			this->peer_cfg = this->ph1->select_config(this->ph1,
-													  this->method, id);
+													  this->method, TRUE, id);
 			if (!this->peer_cfg)
 			{
 				DBG1(DBG_IKE, "no peer config found");
--- a/src/libcharon/sa/ikev1/tasks/main_mode.c
+++ b/src/libcharon/sa/ikev1/tasks/main_mode.c
@ -393,7 +393,7 @@ METHOD(task_t, process_r, status_t,
 			id = id_payload->get_identification(id_payload);
 			this->ike_sa->set_other_id(this->ike_sa, id);
 			this->peer_cfg = this->ph1->select_config(this->ph1,
-													  this->method, id);
+													  this->method, FALSE, id);
 			if (!this->peer_cfg)
 			{
 				DBG1(DBG_IKE, "no peer config found");