diff options
| author | Martin Willi <martin@revosec.ch> | 2012-01-20 13:42:37 +0100 |
|---|---|---|
| committer | Martin Willi <martin@revosec.ch> | 2012-03-20 17:31:38 +0100 |
| commit | aa3b53e7165da9d03ccc23a0f0feeeeda6e76219 (patch) | |
| tree | 6923ae31dc0a796edff3075daaf5458e870c3d27 | |
| parent | fed5c33440d609721cfdd5992f269c52a6191539 (diff) | |
| download | strongswan-aa3b53e7165da9d03ccc23a0f0feeeeda6e76219.tar.bz2 strongswan-aa3b53e7165da9d03ccc23a0f0feeeeda6e76219.tar.xz | |
Adopt children after syncing a rekeyed IKEv1 SA
| -rw-r--r-- | src/libcharon/plugins/ha/ha_dispatcher.c | 6 | ||||
| -rw-r--r-- | src/libcharon/processing/jobs/adopt_children_job.c | 3 | ||||
| -rw-r--r-- | src/libcharon/sa/ike_sa_manager.c | 3 |
3 files changed, 10 insertions, 2 deletions
diff --git a/src/libcharon/plugins/ha/ha_dispatcher.c b/src/libcharon/plugins/ha/ha_dispatcher.c index 7ce23b3c6..328b923b0 100644 --- a/src/libcharon/plugins/ha/ha_dispatcher.c +++ b/src/libcharon/plugins/ha/ha_dispatcher.c @@ -19,6 +19,7 @@ #include <sa/ikev2/keymat_v2.h> #include <sa/ikev1/keymat_v1.h> #include <processing/jobs/callback_job.h> +#include <processing/jobs/adopt_children_job.h> typedef struct private_ha_dispatcher_t private_ha_dispatcher_t; typedef struct ha_diffie_hellman_t ha_diffie_hellman_t; @@ -427,6 +428,11 @@ static void process_ike_update(private_ha_dispatcher_t *this, } } } + if (ike_sa->get_version(ike_sa) == IKEV1) + { + lib->processor->queue_job(lib->processor, (job_t*) + adopt_children_job_create(ike_sa->get_id(ike_sa))); + } this->cache->cache(this->cache, ike_sa, message); charon->ike_sa_manager->checkin(charon->ike_sa_manager, ike_sa); } diff --git a/src/libcharon/processing/jobs/adopt_children_job.c b/src/libcharon/processing/jobs/adopt_children_job.c index 744b7f9b7..93da960f8 100644 --- a/src/libcharon/processing/jobs/adopt_children_job.c +++ b/src/libcharon/processing/jobs/adopt_children_job.c @@ -88,7 +88,8 @@ METHOD(job_t, execute, void, ike_sa = charon->ike_sa_manager->checkout(charon->ike_sa_manager, id); if (ike_sa) { - if (ike_sa->get_state(ike_sa) == IKE_ESTABLISHED && + if ((ike_sa->get_state(ike_sa) == IKE_ESTABLISHED || + ike_sa->get_state(ike_sa) == IKE_PASSIVE) && me->equals(me, ike_sa->get_my_host(ike_sa)) && other->equals(other, ike_sa->get_other_host(ike_sa)) && xauth->equals(xauth, ike_sa->get_other_eap_id(ike_sa)) && diff --git a/src/libcharon/sa/ike_sa_manager.c b/src/libcharon/sa/ike_sa_manager.c index b617a1332..455d5386a 100644 --- a/src/libcharon/sa/ike_sa_manager.c +++ b/src/libcharon/sa/ike_sa_manager.c @@ -1375,7 +1375,8 @@ METHOD(ike_sa_manager_t, checkin, void, } /* apply identities for duplicate test */ - if (ike_sa->get_state(ike_sa) == IKE_ESTABLISHED && + if ((ike_sa->get_state(ike_sa) == IKE_ESTABLISHED || + ike_sa->get_state(ike_sa) == IKE_PASSIVE) && entry->my_id == NULL && entry->other_id == NULL) { if (ike_sa->get_version(ike_sa) == IKEV1) |