XAUTH interoperability with Cisco
This commit is contained in:
parent
f527c5a288
commit
ef05d8465b
|
@ -554,8 +554,8 @@ enum state_kind {
|
||||||
#define IS_ISAKMP_SA_ESTABLISHED(s) ( \
|
#define IS_ISAKMP_SA_ESTABLISHED(s) ( \
|
||||||
(s) == STATE_MAIN_R3 \
|
(s) == STATE_MAIN_R3 \
|
||||||
|| (s) == STATE_MAIN_I4 \
|
|| (s) == STATE_MAIN_I4 \
|
||||||
|| (s) == STATE_XAUTH_R3 \
|
|
||||||
|| (s) == STATE_XAUTH_I2 \
|
|| (s) == STATE_XAUTH_I2 \
|
||||||
|
|| (s) == STATE_XAUTH_R3 \
|
||||||
|| (s) == STATE_MODE_CFG_R1 \
|
|| (s) == STATE_MODE_CFG_R1 \
|
||||||
|| (s) == STATE_MODE_CFG_I2 \
|
|| (s) == STATE_MODE_CFG_I2 \
|
||||||
|| (s) == STATE_MODE_CFG_I3 \
|
|| (s) == STATE_MODE_CFG_I3 \
|
||||||
|
|
|
@ -443,7 +443,7 @@ static const struct state_microcode state_microcode_table[] = {
|
||||||
, EVENT_RETRANSMIT, xauth_inI0 },
|
, EVENT_RETRANSMIT, xauth_inI0 },
|
||||||
|
|
||||||
{ STATE_XAUTH_R1, STATE_XAUTH_R2
|
{ STATE_XAUTH_R1, STATE_XAUTH_R2
|
||||||
, SMF_ALL_AUTH | SMF_ENCRYPTED | SMF_REPLY
|
, SMF_ALL_AUTH | SMF_ENCRYPTED
|
||||||
, P(ATTR) | P(HASH), P(VID), PT(HASH)
|
, P(ATTR) | P(HASH), P(VID), PT(HASH)
|
||||||
, EVENT_RETRANSMIT, xauth_inR1 },
|
, EVENT_RETRANSMIT, xauth_inR1 },
|
||||||
|
|
||||||
|
@ -1552,6 +1552,15 @@ process_packet(struct msg_digest **mdp)
|
||||||
|
|
||||||
set_cur_state(st);
|
set_cur_state(st);
|
||||||
|
|
||||||
|
/* the XAUTH_STATUS message might have a new msgid */
|
||||||
|
if (st->st_state == STATE_XAUTH_I1)
|
||||||
|
{
|
||||||
|
init_phase2_iv(st, &md->hdr.isa_msgid);
|
||||||
|
new_iv_set = TRUE;
|
||||||
|
from_state = st->st_state;
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
|
||||||
if (!IS_ISAKMP_SA_ESTABLISHED(st->st_state))
|
if (!IS_ISAKMP_SA_ESTABLISHED(st->st_state))
|
||||||
{
|
{
|
||||||
loglog(RC_LOG_SERIOUS, "ModeCfg message is unacceptable because"
|
loglog(RC_LOG_SERIOUS, "ModeCfg message is unacceptable because"
|
||||||
|
|
|
@ -910,6 +910,7 @@ xauth_inI0(struct msg_digest *md)
|
||||||
if (stat == STF_OK)
|
if (stat == STF_OK)
|
||||||
{
|
{
|
||||||
st->st_xauth.started = TRUE;
|
st->st_xauth.started = TRUE;
|
||||||
|
st->st_msgid = 0;
|
||||||
return STF_OK;
|
return STF_OK;
|
||||||
}
|
}
|
||||||
else
|
else
|
||||||
|
@ -988,11 +989,8 @@ xauth_inR1(struct msg_digest *md)
|
||||||
|
|
||||||
plog("sending XAUTH status:");
|
plog("sending XAUTH status:");
|
||||||
|
|
||||||
stat_build = modecfg_build_msg(st, &md->rbody
|
stat_build = modecfg_send_msg(st, ISAKMP_CFG_SET, &ia);
|
||||||
, ISAKMP_CFG_SET
|
if (stat_build != STF_OK)
|
||||||
, &ia
|
|
||||||
, isama_id);
|
|
||||||
if (stat_build != STF_OK)
|
|
||||||
return stat_build;
|
return stat_build;
|
||||||
return STF_OK;
|
return STF_OK;
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in New Issue