diff options
| author | Martin Willi <martin@revosec.ch> | 2010-02-22 18:34:11 +0100 |
|---|---|---|
| committer | Martin Willi <martin@revosec.ch> | 2010-02-26 11:44:33 +0100 |
| commit | cc2eaddee4dea3f30ea05abb7a67b8ac64c880e1 (patch) | |
| tree | 07eb325ca06a224cb03a6df34d207e80c12ce365 /src/charon/sa/tasks/ike_mobike.c | |
| parent | 4e18490ea8bbd13b2f49c4be385744fc453f1cfc (diff) | |
| download | strongswan-cc2eaddee4dea3f30ea05abb7a67b8ac64c880e1.tar.bz2 strongswan-cc2eaddee4dea3f30ea05abb7a67b8ac64c880e1.tar.xz | |
Use src/dst ports as configured in ike_cfg
Diffstat (limited to 'src/charon/sa/tasks/ike_mobike.c')
| -rw-r--r-- | src/charon/sa/tasks/ike_mobike.c | 34 |
1 files changed, 28 insertions, 6 deletions
diff --git a/src/charon/sa/tasks/ike_mobike.c b/src/charon/sa/tasks/ike_mobike.c index d76ba8d2b..a62886f02 100644 --- a/src/charon/sa/tasks/ike_mobike.c +++ b/src/charon/sa/tasks/ike_mobike.c @@ -269,12 +269,36 @@ static void update_children(private_ike_mobike_t *this) } /** + * Apply port of old address if it equals new, port otherwise + */ +static void apply_port(private_ike_mobike_t *this, host_t *host, host_t *old, + u_int16_t port) +{ + if (host->ip_equals(host, old)) + { + host->set_port(host, old->get_port(old)); + } + else + { + if (port == IKEV2_UDP_PORT) + { + host->set_port(host, IKEV2_NATT_PORT); + } + else + { + host->set_port(host, port); + } + } +} + +/** * Implementation of ike_mobike_t.transmit */ static void transmit(private_ike_mobike_t *this, packet_t *packet) { host_t *me, *other, *me_old, *other_old; iterator_t *iterator; + ike_cfg_t *ike_cfg; packet_t *copy; if (!this->check) @@ -284,13 +308,13 @@ static void transmit(private_ike_mobike_t *this, packet_t *packet) me_old = this->ike_sa->get_my_host(this->ike_sa); other_old = this->ike_sa->get_other_host(this->ike_sa); + ike_cfg = this->ike_sa->get_ike_cfg(this->ike_sa); me = charon->kernel_interface->get_source_addr( charon->kernel_interface, other_old, NULL); if (me) { - me->set_port(me, me->ip_equals(me, me_old) ? - me_old->get_port(me_old) : IKEV2_NATT_PORT); + apply_port(this, me, me_old, ike_cfg->get_my_port(ike_cfg)); DBG1(DBG_IKE, "checking original path %#H - %#H", me, other_old); copy = packet->clone(packet); copy->set_source(copy, me); @@ -310,11 +334,9 @@ static void transmit(private_ike_mobike_t *this, packet_t *packet) continue; } /* reuse port for an active address, 4500 otherwise */ - me->set_port(me, me->ip_equals(me, me_old) ? - me_old->get_port(me_old) : IKEV2_NATT_PORT); + apply_port(this, me, me_old, ike_cfg->get_my_port(ike_cfg)); other = other->clone(other); - other->set_port(other, other->ip_equals(other, other_old) ? - other_old->get_port(other_old) : IKEV2_NATT_PORT); + apply_port(this, other, other_old, ike_cfg->get_other_port(ike_cfg)); DBG1(DBG_IKE, "checking path %#H - %#H", me, other); copy = packet->clone(packet); copy->set_source(copy, me); |