fixed reauthentication when connection's other host is %any
parent
60d79e496b
commit
f73d4c9eb0
|
@ -44,6 +44,11 @@ struct private_initiate_job_t {
|
|||
*/
|
||||
connection_t *connection;
|
||||
|
||||
/**
|
||||
* host to connect to, use NULL to use connections one
|
||||
*/
|
||||
host_t *other;
|
||||
|
||||
/**
|
||||
* associated policy to initiate
|
||||
*/
|
||||
|
@ -71,6 +76,11 @@ static status_t execute(private_initiate_job_t *this)
|
|||
this->policy->get_my_id(this->policy),
|
||||
this->policy->get_other_id(this->policy));
|
||||
|
||||
if (this->other)
|
||||
{
|
||||
ike_sa->set_other_host(ike_sa, this->other->clone(this->other));
|
||||
}
|
||||
|
||||
this->connection->get_ref(this->connection);
|
||||
this->policy->get_ref(this->policy);
|
||||
if (ike_sa->initiate(ike_sa, this->connection, this->policy) != SUCCESS)
|
||||
|
@ -91,13 +101,15 @@ static void destroy(private_initiate_job_t *this)
|
|||
{
|
||||
this->connection->destroy(this->connection);
|
||||
this->policy->destroy(this->policy);
|
||||
DESTROY_IF(this->other);
|
||||
free(this);
|
||||
}
|
||||
|
||||
/*
|
||||
* Described in header
|
||||
*/
|
||||
initiate_job_t *initiate_job_create(connection_t *connection, policy_t *policy)
|
||||
initiate_job_t *initiate_job_create(connection_t *connection, host_t *other,
|
||||
policy_t *policy)
|
||||
{
|
||||
private_initiate_job_t *this = malloc_thing(private_initiate_job_t);
|
||||
|
||||
|
@ -109,6 +121,7 @@ initiate_job_t *initiate_job_create(connection_t *connection, policy_t *policy)
|
|||
/* private variables */
|
||||
this->connection = connection;
|
||||
this->policy = policy;
|
||||
this->other = other;
|
||||
|
||||
return &this->public;
|
||||
}
|
||||
|
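Review bot: The new `other` field and constructor parameter do not say who owns the host_t. `destroy()` calls `DESTROY_IF(this->other)`, so `initiate_job_create()` takes ownership of the pointer, while `execute()` hands the IKE_SA a separate clone. A caller that passes a host it still owns, rather than a clone, would get a double destroy or a dangling pointer, so the field comment should say so, e.g. `* host to connect to, owned by the job and destroyed with it; NULL to use the connection's one`. The `@param other` line added to the header declaration needs the same statement. The bodies of execute() and initiate_job_create() continue outside the hunks shown.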
|
|
@ -51,12 +51,13 @@ struct initiate_job_t {
|
|||
* @brief Creates a job of type INITIATE_IKE_SA.
|
||||
*
|
||||
* @param connection connection_t to initialize
|
||||
* @param other another host to initiate to, NULL to use connections one
|
||||
* @param policy policy to set up
|
||||
* @return initiate_job_t object
|
||||
*
|
||||
* @ingroup jobs
|
||||
*/
|
||||
initiate_job_t *initiate_job_create(connection_t *connection,
|
||||
policy_t *policy);
|
||||
initiate_job_t *initiate_job_create(connection_t *connection, host_t *other,
|
||||
policy_t *policy);
|
||||
|
||||
#endif /*INITIATE_IKE_SA_JOB_H_*/
|
||||
|
|
|
@ -484,7 +484,7 @@ static void dpd_detected(private_ike_sa_t *this)
|
|||
break;
|
||||
case DPD_RESTART:
|
||||
connection->get_ref(connection);
|
||||
job = (job_t*)initiate_job_create(connection, policy);
|
||||
job = (job_t*)initiate_job_create(connection, NULL, policy);
|
||||
charon->job_queue->add(charon->job_queue, job);
|
||||
break;
|
||||
default:
|
||||
|
@ -894,12 +894,18 @@ static status_t initiate(private_ike_sa_t *this,
|
|||
ike_sa_init_t *ike_sa_init;
|
||||
|
||||
DBG2(DBG_IKE, "initiating new IKE_SA for CHILD_SA");
|
||||
DESTROY_IF(this->my_host);
|
||||
this->my_host = connection->get_my_host(connection);
|
||||
this->my_host = this->my_host->clone(this->my_host);
|
||||
DESTROY_IF(this->other_host);
|
||||
this->other_host = connection->get_other_host(connection);
|
||||
this->other_host = this->other_host->clone(this->other_host);
|
||||
if (this->my_host->is_anyaddr(this->my_host))
|
||||
{
|
||||
this->my_host->destroy(this->my_host);
|
||||
this->my_host = connection->get_my_host(connection);
|
||||
this->my_host = this->my_host->clone(this->my_host);
|
||||
}
|
||||
if (this->other_host->is_anyaddr(this->other_host))
|
||||
{
|
||||
this->other_host->destroy(this->other_host);
|
||||
this->other_host = connection->get_other_host(connection);
|
||||
this->other_host = this->other_host->clone(this->other_host);
|
||||
}
|
||||
this->retrans_sequences = connection->get_retrans_seq(connection);
|
||||
this->dpd_delay = connection->get_dpd_delay(connection);
|
||||
|
||||
|
@ -1841,6 +1847,8 @@ static status_t reauth(private_ike_sa_t *this)
|
|||
job_t *job;
|
||||
policy_t *policy;
|
||||
linked_list_t *my_ts, *other_ts;
|
||||
host_t *other;
|
||||
|
||||
my_ts = child_sa->get_my_traffic_selectors(child_sa);
|
||||
other_ts = child_sa->get_other_traffic_selectors(child_sa);
|
||||
policy = charon->policies->get_policy(charon->policies,
|
||||
|
@ -1851,9 +1859,9 @@ static status_t reauth(private_ike_sa_t *this)
|
|||
DBG1(DBG_IKE, "policy not found to recreate CHILD_SA, skipped");
|
||||
continue;
|
||||
}
|
||||
|
||||
connection->get_ref(connection);
|
||||
job = (job_t*)initiate_job_create(connection, policy);
|
||||
other = this->other_host->clone(this->other_host);
|
||||
job = (job_t*)initiate_job_create(connection, other, policy);
|
||||
charon->job_queue->add(charon->job_queue, job);
|
||||
}
|
||||
iterator->destroy(iterator);
|
||||
|
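Review bot: In the `initiate()` hunk the new `this->my_host->is_anyaddr(this->my_host)` and `this->other_host->is_anyaddr(this->other_host)` calls dereference both pointers unconditionally, whereas the lines they replace used `DESTROY_IF`, which suggests either pointer could be NULL at this point. Unless the constructor (not visible here) always sets both, guard with `if (!this->other_host || this->other_host->is_anyaddr(this->other_host))` and use `DESTROY_IF(this->other_host);` inside the branch, and likewise for `my_host`. Separately, when no override was set and the connection's other host is itself %any (the `DPD_RESTART` case passes `NULL`), `other_host` is still %any after this block and initiation continues without a usable peer address. A check there that logs and returns a failure status would make that case explicit. initiate() starts and ends outside the hunk.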
|
|
@ -818,7 +818,7 @@ static status_t get_response(private_create_child_sa_t *this, message_t *request
|
|||
if (other)
|
||||
{
|
||||
/* store our lower nonce in the simultaneus transaction, it
|
||||
* will later compare it against his nonces when it calls conclude().
|
||||
* will later compare it against its nonces when it calls conclude().
|
||||
*/
|
||||
if (memcmp(this->nonce_i.ptr, this->nonce_r.ptr,
|
||||
min(this->nonce_i.len, this->nonce_r.len)) < 0)
|
||||
|
|
|
@ -522,7 +522,7 @@ static void stroke_initiate(private_stroke_t *this, stroke_msg_t *msg)
|
|||
return;
|
||||
}
|
||||
|
||||
job = initiate_job_create(connection, policy);
|
||||
job = initiate_job_create(connection, NULL, policy);
|
||||
/*
|
||||
if (msg->output_verbosity < 0)
|
||||
{
|
||||
|
|