diff options
author | Martin Willi <martin@revosec.ch> | 2012-05-02 11:12:31 +0200 |
---|---|---|
committer | Martin Willi <martin@revosec.ch> | 2012-05-02 11:12:31 +0200 |
commit | b24be29646442210f43b100d2282b6c0a0e52e09 (patch) | |
tree | 5cdc2dbda7cb5881c2c2fa7a90ab6729112fd4c4 /src/libcharon/plugins/nm/nm_service.c | |
parent | f99d8b10c9f5b5024b4b1e5f5d1e56e2519cdadc (diff) | |
parent | 8c35f5d460baf0ee7f25669620ee234a0176681f (diff) | |
download | strongswan-b24be29646442210f43b100d2282b6c0a0e52e09.tar.bz2 strongswan-b24be29646442210f43b100d2282b6c0a0e52e09.tar.xz |
Merge branch 'ikev1'
Conflicts:
configure.in
man/ipsec.conf.5.in
src/libcharon/encoding/generator.c
src/libcharon/encoding/payloads/notify_payload.c
src/libcharon/encoding/payloads/notify_payload.h
src/libcharon/encoding/payloads/payload.c
src/libcharon/network/receiver.c
src/libcharon/sa/authenticator.c
src/libcharon/sa/authenticator.h
src/libcharon/sa/ikev2/tasks/ike_init.c
src/libcharon/sa/task_manager.c
src/libstrongswan/credentials/auth_cfg.c
Diffstat (limited to 'src/libcharon/plugins/nm/nm_service.c')
-rw-r--r-- | src/libcharon/plugins/nm/nm_service.c | 12 |
1 files changed, 10 insertions, 2 deletions
diff --git a/src/libcharon/plugins/nm/nm_service.c b/src/libcharon/plugins/nm/nm_service.c index a6783fcc3..d51b699ae 100644 --- a/src/libcharon/plugins/nm/nm_service.c +++ b/src/libcharon/plugins/nm/nm_service.c @@ -499,11 +499,11 @@ static gboolean connect_(NMVPNPlugin *plugin, NMConnection *connection, ike_cfg = ike_cfg_create(TRUE, encap, "0.0.0.0", IKEV2_UDP_PORT, (char*)address, IKEV2_UDP_PORT); ike_cfg->add_proposal(ike_cfg, proposal_create_default(PROTO_IKE)); - peer_cfg = peer_cfg_create(priv->name, 2, ike_cfg, + peer_cfg = peer_cfg_create(priv->name, IKEV2, ike_cfg, CERT_SEND_IF_ASKED, UNIQUE_REPLACE, 1, /* keyingtries */ 36000, 0, /* rekey 10h, reauth none */ 600, 600, /* jitter, over 10min */ - TRUE, 0, /* mobike, DPD */ + TRUE, FALSE, 0, /* mobike, aggressive, DPD */ virtual ? host_create_from_string("0.0.0.0", 0) : NULL, NULL, FALSE, NULL, NULL); /* pool, mediation */ auth = auth_cfg_create(); @@ -533,6 +533,13 @@ static gboolean connect_(NMVPNPlugin *plugin, NMConnection *connection, */ ike_sa = charon->ike_sa_manager->checkout_by_config(charon->ike_sa_manager, peer_cfg); + if (!ike_sa) + { + peer_cfg->destroy(peer_cfg); + g_set_error(err, NM_VPN_PLUGIN_ERROR, NM_VPN_PLUGIN_ERROR_LAUNCH_FAILED, + "IKE version not supported."); + return FALSE; + } if (!ike_sa->get_peer_cfg(ike_sa)) { ike_sa->set_peer_cfg(ike_sa, peer_cfg); @@ -550,6 +557,7 @@ static gboolean connect_(NMVPNPlugin *plugin, NMConnection *connection, /** * Initiate */ + child_cfg->get_ref(child_cfg); if (ike_sa->initiate(ike_sa, child_cfg, 0, NULL, NULL) != SUCCESS) { charon->bus->remove_listener(charon->bus, &priv->listener); |