Revert "Send INITIAL_CONTACT even if we have a unique policy"
It makes sense to omit INITIAL_CONTACT if don't have a unique policy,
as a client might want to connect from different devices to the same
account.
This reverts commit 719c33b41a
.
This commit is contained in:
parent
9bac426bf3
commit
983a5e88d3
3
NEWS
3
NEWS
|
@ -42,7 +42,8 @@ strongswan-4.5.1
|
|||
xcbc algorithms.
|
||||
|
||||
- The IKEv2 daemon supports the INITIAL_CONTACT notify as initiator and
|
||||
responder.
|
||||
responder. The notify is sent when initiating configurations with a unique
|
||||
policy, set in ipsec.conf via the global 'uniqueids' option.
|
||||
|
||||
- The conftest conformance testing framework enables the IKEv2 stack to perform
|
||||
many tests using a distinct tool and configuration frontend. Various hooks
|
||||
|
|
|
@ -429,7 +429,8 @@ static status_t build_i(private_ike_auth_t *this, message_t *message)
|
|||
get_reserved_id_bytes(this, id_payload);
|
||||
message->add_payload(message, (payload_t*)id_payload);
|
||||
|
||||
if (idr && message->get_message_id(message))
|
||||
if (idr && message->get_message_id(message) == 1 &&
|
||||
this->peer_cfg->get_unique_policy(this->peer_cfg) != UNIQUE_NO)
|
||||
{
|
||||
host_t *host;
|
||||
|
||||
|
|
Loading…
Reference in New Issue