diff options
| author | Tobias Brunner <tobias@strongswan.org> | 2012-09-10 17:24:21 +0200 |
|---|---|---|
| committer | Tobias Brunner <tobias@strongswan.org> | 2012-09-10 17:37:18 +0200 |
| commit | f4cc7ea11b742dbd97b380b4aee032b38a6c00cf (patch) | |
| tree | 62ee6537bd0bb8e9ab518ace0499c0b7a36462a2 /src/libcharon/config | |
| parent | c51af950b1ede996ca5f04c1f5a425527a00227f (diff) | |
| download | strongswan-f4cc7ea11b742dbd97b380b4aee032b38a6c00cf.tar.bz2 strongswan-f4cc7ea11b742dbd97b380b4aee032b38a6c00cf.tar.xz | |
Add uniqueids=never to ignore INITIAL_CONTACT notifies
With uniqueids=no the daemon still deletes any existing IKE_SA with the
same peer if an INITIAL_CONTACT notify is received. With this new option
it also ignores these notifies.
Diffstat (limited to 'src/libcharon/config')
| -rw-r--r-- | src/libcharon/config/peer_cfg.h | 8 |
1 files changed, 5 insertions, 3 deletions
diff --git a/src/libcharon/config/peer_cfg.h b/src/libcharon/config/peer_cfg.h index f65b91258..418e45532 100644 --- a/src/libcharon/config/peer_cfg.h +++ b/src/libcharon/config/peer_cfg.h @@ -81,11 +81,13 @@ extern enum_name_t *cert_policy_names; * Uniqueness of an IKE_SA, used to drop multiple connections with one peer. */ enum unique_policy_t { - /** do not check for client uniqueness */ + /** never check for client uniqueness */ + UNIQUE_NEVER, + /** only check for client uniqueness when receiving an INITIAL_CONTACT */ UNIQUE_NO, - /** replace unique IKE_SAs if new ones get established */ + /** replace existing IKE_SAs when new ones get established by a client */ UNIQUE_REPLACE, - /** keep existing IKE_SAs, close the new ones on connection attept */ + /** keep existing IKE_SAs, close the new ones on connection attempt */ UNIQUE_KEEP, }; |