diff options
| author | Martin Willi <martin@revosec.ch> | 2011-11-23 15:55:00 +0100 |
|---|---|---|
| committer | Martin Willi <martin@revosec.ch> | 2012-03-20 17:30:51 +0100 |
| commit | c4c5950458e7db16fe8cad16ab0cd153b4813263 (patch) | |
| tree | cd1c6ba459e7a737b167039cd1f0973874124a1d | |
| parent | 97265a8927c290466eb8899d99da9b3cf921969f (diff) | |
| download | strongswan-c4c5950458e7db16fe8cad16ab0cd153b4813263.tar.bz2 strongswan-c4c5950458e7db16fe8cad16ab0cd153b4813263.tar.xz | |
Create host-to-host traffic selectors if quick mode identities missing
| -rw-r--r-- | src/libcharon/sa/tasks/quick_mode.c | 29 |
1 files changed, 26 insertions, 3 deletions
diff --git a/src/libcharon/sa/tasks/quick_mode.c b/src/libcharon/sa/tasks/quick_mode.c index 8586d9abf..0c4e18c1c 100644 --- a/src/libcharon/sa/tasks/quick_mode.c +++ b/src/libcharon/sa/tasks/quick_mode.c @@ -303,7 +303,7 @@ METHOD(task_t, process_r, status_t, payload_t *payload; linked_list_t *tsi, *tsr, *list; peer_cfg_t *peer_cfg; - host_t *me, *other; + host_t *me, *other, *host; enumerator_t *enumerator; bool first = TRUE; @@ -328,7 +328,18 @@ METHOD(task_t, process_r, status_t, } enumerator->destroy(enumerator); - /* TODO-IKEv1: create host2host TS if ID payloads missing */ + if (!this->tsi) + { + host = this->ike_sa->get_other_host(this->ike_sa); + this->tsi = traffic_selector_create_from_subnet(host->clone(host), + host->get_family(host) == AF_INET ? 32 : 128, 0, 0); + } + if (!this->tsr) + { + host = this->ike_sa->get_my_host(this->ike_sa); + this->tsr = traffic_selector_create_from_subnet(host->clone(host), + host->get_family(host) == AF_INET ? 32 : 128, 0, 0); + } me = this->ike_sa->get_virtual_ip(this->ike_sa, TRUE); if (!me) @@ -471,6 +482,7 @@ METHOD(task_t, process_i, status_t, traffic_selector_t *tsi = NULL, *tsr = NULL; linked_list_t *list; enumerator_t *enumerator; + host_t *host; bool first = TRUE; enumerator = message->create_payload_enumerator(message); @@ -494,7 +506,18 @@ METHOD(task_t, process_i, status_t, } enumerator->destroy(enumerator); - /* TODO-IKEv1: create host2host TS if ID payloads missing */ + if (!tsr) + { + host = this->ike_sa->get_other_host(this->ike_sa); + tsr = traffic_selector_create_from_subnet(host->clone(host), + host->get_family(host) == AF_INET ? 32 : 128, 0, 0); + } + if (!tsi) + { + host = this->ike_sa->get_my_host(this->ike_sa); + tsi = traffic_selector_create_from_subnet(host->clone(host), + host->get_family(host) == AF_INET ? 32 : 128, 0, 0); + } if (!tsr->is_contained_in(tsr, this->tsr) || !tsi->is_contained_in(tsi, this->tsi)) |