diff options
| author | Timo Teräs <timo.teras@iki.fi> | 2016-03-26 14:19:31 +0000 |
|---|---|---|
| committer | Timo Teräs <timo.teras@iki.fi> | 2016-03-26 14:19:44 +0000 |
| commit | 131cca54d72069d76358c4cd4ac31efaa81ab6e8 (patch) | |
| tree | 980182044014964034ce45830b68ee8ff9f136b3 /main/strongswan/0205-ike-Adhere-to-IKE_SA-limit-when-checking-out-by-conf.patch | |
| parent | 00efbea7aa2a383c4f3a7322a6a669bdea5c04bb (diff) | |
| download | aports-131cca54d72069d76358c4cd4ac31efaa81ab6e8.tar.bz2 aports-131cca54d72069d76358c4cd4ac31efaa81ab6e8.tar.xz | |
main/strongswan: upgrade to 5.4.0
Diffstat (limited to 'main/strongswan/0205-ike-Adhere-to-IKE_SA-limit-when-checking-out-by-conf.patch')
| -rw-r--r-- | main/strongswan/0205-ike-Adhere-to-IKE_SA-limit-when-checking-out-by-conf.patch | 20 |
1 files changed, 10 insertions, 10 deletions
diff --git a/main/strongswan/0205-ike-Adhere-to-IKE_SA-limit-when-checking-out-by-conf.patch b/main/strongswan/0205-ike-Adhere-to-IKE_SA-limit-when-checking-out-by-conf.patch index 24c1537b16..6f960e2e33 100644 --- a/main/strongswan/0205-ike-Adhere-to-IKE_SA-limit-when-checking-out-by-conf.patch +++ b/main/strongswan/0205-ike-Adhere-to-IKE_SA-limit-when-checking-out-by-conf.patch @@ -1,4 +1,4 @@ -From f60c91a440d8b8a0969d99c9c84df40fe2ffc8c4 Mon Sep 17 00:00:00 2001 +From c36fc076075f94176d0c95bd7437822e07f8c5c0 Mon Sep 17 00:00:00 2001 From: Tobias Brunner <tobias@strongswan.org> Date: Fri, 17 Jul 2015 11:53:58 +0200 Subject: [PATCH] ike: Adhere to IKE_SA limit when checking out by config @@ -10,23 +10,23 @@ limit (we still allow checkout_new(), which is used for rekeying). 1 file changed, 36 insertions(+), 33 deletions(-) diff --git a/src/libcharon/sa/ike_sa_manager.c b/src/libcharon/sa/ike_sa_manager.c -index 4625df5..aeed6fe 100644 +index 307ea3b..e8190a9 100644 --- a/src/libcharon/sa/ike_sa_manager.c +++ b/src/libcharon/sa/ike_sa_manager.c -@@ -1385,47 +1385,50 @@ METHOD(ike_sa_manager_t, checkout_by_config, ike_sa_t*, +@@ -1401,47 +1401,50 @@ METHOD(ike_sa_manager_t, checkout_by_config, ike_sa_t*, DBG2(DBG_MGR, "checkout IKE_SA by config"); -- if (!this->reuse_ikesa) -- { /* IKE_SA reuse disable by config */ +- if (!this->reuse_ikesa && peer_cfg->get_ike_version(peer_cfg) != IKEV1) +- { /* IKE_SA reuse disabled by config (not possible for IKEv1) */ - ike_sa = checkout_new(this, peer_cfg->get_ike_version(peer_cfg), TRUE); - charon->bus->set_sa(charon->bus, ike_sa); -- return ike_sa; +- goto out; - } - - enumerator = create_table_enumerator(this); - while (enumerator->enumerate(enumerator, &entry, &segment)) -+ if (this->reuse_ikesa) ++ if (this->reuse_ikesa || peer_cfg->get_ike_version(peer_cfg) == IKEV1) { - if (!wait_for_entry(this, entry, segment)) + enumerator = create_table_enumerator(this); @@ -47,7 +47,7 @@ index 4625df5..aeed6fe 100644 - if (current_ike->equals(current_ike, peer_cfg->get_ike_cfg(peer_cfg))) + if (!wait_for_entry(this, entry, segment)) { -- entry->checked_out = TRUE; +- entry->checked_out = thread_current(); - ike_sa = entry->ike_sa; - DBG2(DBG_MGR, "found existing IKE_SA %u with a '%s' config", - ike_sa->get_unique_id(ike_sa), @@ -67,7 +67,7 @@ index 4625df5..aeed6fe 100644 + if (current_ike->equals(current_ike, + peer_cfg->get_ike_cfg(peer_cfg))) + { -+ entry->checked_out = TRUE; ++ entry->checked_out = thread_current(); + ike_sa = entry->ike_sa; + DBG2(DBG_MGR, "found existing IKE_SA %u with a '%s' config", + ike_sa->get_unique_id(ike_sa), @@ -98,5 +98,5 @@ index 4625df5..aeed6fe 100644 } charon->bus->set_sa(charon->bus, ike_sa); -- -2.6.3 +2.7.4 |