child-create: Support IKE_INTERMEDIATE exchange between IKE_SA_INIT and IKE_AUTH
This commit is contained in:
parent
4571322eb7
commit
b1348ae9d4
|
@ -1108,11 +1108,6 @@ METHOD(task_t, build_i, status_t,
|
||||||
}
|
}
|
||||||
break;
|
break;
|
||||||
case IKE_AUTH:
|
case IKE_AUTH:
|
||||||
if (message->get_message_id(message) != 1)
|
|
||||||
{
|
|
||||||
/* send only in the first request, not in subsequent rounds */
|
|
||||||
return NEED_MORE;
|
|
||||||
}
|
|
||||||
switch (defer_child_sa(this))
|
switch (defer_child_sa(this))
|
||||||
{
|
{
|
||||||
case DESTROY_ME:
|
case DESTROY_ME:
|
||||||
|
@ -1126,9 +1121,11 @@ METHOD(task_t, build_i, status_t,
|
||||||
/* just continue to establish the CHILD_SA */
|
/* just continue to establish the CHILD_SA */
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
|
/* send only in the first request, not in subsequent rounds */
|
||||||
|
this->public.task.build = (void*)return_need_more;
|
||||||
break;
|
break;
|
||||||
default:
|
default:
|
||||||
break;
|
return NEED_MORE;
|
||||||
}
|
}
|
||||||
|
|
||||||
/* check if we want a virtual IP, but don't have one */
|
/* check if we want a virtual IP, but don't have one */
|
||||||
|
@ -1261,13 +1258,11 @@ METHOD(task_t, process_r, status_t,
|
||||||
get_nonce(message, &this->other_nonce);
|
get_nonce(message, &this->other_nonce);
|
||||||
break;
|
break;
|
||||||
case IKE_AUTH:
|
case IKE_AUTH:
|
||||||
if (message->get_message_id(message) != 1)
|
/* only handle first AUTH payload, not additional rounds */
|
||||||
{
|
this->public.task.process = (void*)return_need_more;
|
||||||
/* only handle first AUTH payload, not additional rounds */
|
|
||||||
return NEED_MORE;
|
|
||||||
}
|
|
||||||
default:
|
|
||||||
break;
|
break;
|
||||||
|
default:
|
||||||
|
return NEED_MORE;
|
||||||
}
|
}
|
||||||
|
|
||||||
process_payloads(this, message);
|
process_payloads(this, message);
|
||||||
|
@ -1452,8 +1447,9 @@ METHOD(task_t, build_r, status_t,
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
ike_auth = TRUE;
|
ike_auth = TRUE;
|
||||||
default:
|
|
||||||
break;
|
break;
|
||||||
|
default:
|
||||||
|
return NEED_MORE;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (this->ike_sa->get_state(this->ike_sa) == IKE_REKEYING)
|
if (this->ike_sa->get_state(this->ike_sa) == IKE_REKEYING)
|
||||||
|
@ -1642,8 +1638,9 @@ METHOD(task_t, process_i, status_t,
|
||||||
return NEED_MORE;
|
return NEED_MORE;
|
||||||
}
|
}
|
||||||
ike_auth = TRUE;
|
ike_auth = TRUE;
|
||||||
default:
|
|
||||||
break;
|
break;
|
||||||
|
default:
|
||||||
|
return NEED_MORE;
|
||||||
}
|
}
|
||||||
|
|
||||||
/* check for erroneous notifies */
|
/* check for erroneous notifies */
|
||||||
|
|
Loading…
Reference in New Issue