Enforce uniqueness policy in IKEv1 main and aggressive modes
This commit is contained in:
parent
4a10eda1a0
commit
e5f0f9ff96
|
@ -293,6 +293,14 @@ METHOD(task_t, build_i, status_t,
|
|||
}
|
||||
this->id_data = chunk_empty;
|
||||
|
||||
if (charon->ike_sa_manager->check_uniqueness(charon->ike_sa_manager,
|
||||
this->ike_sa, FALSE))
|
||||
{
|
||||
DBG1(DBG_IKE, "cancelling Aggressive Mode due to uniqueness "
|
||||
"policy");
|
||||
return send_notify(this, AUTHENTICATION_FAILED);
|
||||
}
|
||||
|
||||
switch (this->method)
|
||||
{
|
||||
case AUTH_XAUTH_INIT_PSK:
|
||||
|
@ -441,6 +449,14 @@ METHOD(task_t, process_r, status_t,
|
|||
return send_delete(this);
|
||||
}
|
||||
|
||||
if (charon->ike_sa_manager->check_uniqueness(charon->ike_sa_manager,
|
||||
this->ike_sa, FALSE))
|
||||
{
|
||||
DBG1(DBG_IKE, "cancelling Aggressive Mode due to uniqueness "
|
||||
"policy");
|
||||
return send_delete(this);
|
||||
}
|
||||
|
||||
switch (this->method)
|
||||
{
|
||||
case AUTH_XAUTH_INIT_PSK:
|
||||
|
|
|
@ -493,6 +493,12 @@ METHOD(task_t, build_r, status_t,
|
|||
{
|
||||
return send_notify(this, AUTHENTICATION_FAILED);
|
||||
}
|
||||
if (charon->ike_sa_manager->check_uniqueness(charon->ike_sa_manager,
|
||||
this->ike_sa, FALSE))
|
||||
{
|
||||
DBG1(DBG_IKE, "cancelling Main Mode due to uniqueness policy");
|
||||
return send_notify(this, AUTHENTICATION_FAILED);
|
||||
}
|
||||
|
||||
switch (this->method)
|
||||
{
|
||||
|
@ -616,6 +622,13 @@ METHOD(task_t, process_i, status_t,
|
|||
"cancelling");
|
||||
return send_delete(this);
|
||||
}
|
||||
if (charon->ike_sa_manager->check_uniqueness(charon->ike_sa_manager,
|
||||
this->ike_sa, FALSE))
|
||||
{
|
||||
DBG1(DBG_IKE, "cancelling Main Mode due to uniqueness policy");
|
||||
return send_delete(this);
|
||||
}
|
||||
|
||||
switch (this->method)
|
||||
{
|
||||
case AUTH_XAUTH_INIT_PSK:
|
||||
|
|
Loading…
Reference in New Issue