diff options
| author | Martin Willi <martin@strongswan.org> | 2006-09-05 14:07:25 +0000 |
|---|---|---|
| committer | Martin Willi <martin@strongswan.org> | 2006-09-05 14:07:25 +0000 |
| commit | a655f5c09c2ba180b7d393dbdfc8b8057293d9ab (patch) | |
| tree | e645a61c178ebcb932a56f09e4bdcca80b230431 /src/charon/sa/transactions/ike_auth.c | |
| parent | da8ab11e918353293953636abea73f12bf8f956e (diff) | |
| download | strongswan-a655f5c09c2ba180b7d393dbdfc8b8057293d9ab.tar.bz2 strongswan-a655f5c09c2ba180b7d393dbdfc8b8057293d9ab.tar.xz | |
reuse reqid when a ROUTED child_sa gets INSTALLED
fixed a bug in retransmission code
added support for the "keyingtries" ipsec.conf parameter
added support for the "dpddelay" ipsec.conf parameter
done some work for "dpdaction" behavior
some other cleanups and fixes
Diffstat (limited to 'src/charon/sa/transactions/ike_auth.c')
| -rw-r--r-- | src/charon/sa/transactions/ike_auth.c | 19 |
1 files changed, 17 insertions, 2 deletions
diff --git a/src/charon/sa/transactions/ike_auth.c b/src/charon/sa/transactions/ike_auth.c index 68abba814..1d15daebb 100644 --- a/src/charon/sa/transactions/ike_auth.c +++ b/src/charon/sa/transactions/ike_auth.c @@ -125,6 +125,11 @@ struct private_ike_auth_t { bool build_child; /** + * reqid to use for CHILD_SA setup + */ + u_int32_t reqid; + + /** * Assigned logger. */ logger_t *logger; @@ -157,6 +162,14 @@ static void set_config(private_ike_auth_t *this, } /** + * Implementation of transaction_t.set_reqid. + */ +static void set_reqid(private_ike_auth_t *this, u_int32_t reqid) +{ + this->reqid = reqid; +} + +/** * Implementation of transaction_t.set_nonces. */ static void set_nonces(private_ike_auth_t *this, chunk_t nonce_i, chunk_t nonce_r) @@ -303,7 +316,7 @@ static status_t get_request(private_ike_auth_t *this, message_t **result) proposal_list = this->policy->get_proposals(this->policy); soft_lifetime = this->policy->get_soft_lifetime(this->policy); hard_lifetime = this->policy->get_hard_lifetime(this->policy); - this->child_sa = child_sa_create(0, me, other, soft_lifetime, hard_lifetime, + this->child_sa = child_sa_create(this->reqid, me, other, soft_lifetime, hard_lifetime, this->ike_sa->is_natt_enabled(this->ike_sa)); this->child_sa->set_name(this->child_sa, this->policy->get_name(this->policy)); if (this->child_sa->alloc(this->child_sa, proposal_list) != SUCCESS) @@ -768,7 +781,7 @@ static status_t get_response(private_ike_auth_t *this, message_t *request, soft_lifetime = this->policy->get_soft_lifetime(this->policy); hard_lifetime = this->policy->get_hard_lifetime(this->policy); use_natt = this->ike_sa->is_natt_enabled(this->ike_sa); - this->child_sa = child_sa_create(0, me, other, + this->child_sa = child_sa_create(this->reqid, me, other, soft_lifetime, hard_lifetime, use_natt); this->child_sa->set_name(this->child_sa, this->policy->get_name(this->policy)); @@ -1006,6 +1019,7 @@ ike_auth_t *ike_auth_create(ike_sa_t *ike_sa) /* public functions */ this->public.set_config = (void(*)(ike_auth_t*,connection_t*,policy_t*))set_config; + this->public.set_reqid = (void(*)(ike_auth_t*,u_int32_t))set_reqid; this->public.set_nonces = (void(*)(ike_auth_t*,chunk_t,chunk_t))set_nonces; this->public.set_init_messages = (void(*)(ike_auth_t*,chunk_t,chunk_t))set_init_messages; @@ -1023,6 +1037,7 @@ ike_auth_t *ike_auth_create(ike_sa_t *ike_sa) this->tsi = NULL; this->tsr = NULL; this->build_child = TRUE; + this->reqid = 0; this->logger = logger_manager->get_logger(logger_manager, IKE_SA); return &this->public; |