mode-config: Reassign migrated virtual IP if client requests %any

If we mistakenly detect a new IKE_SA as a reauthentication the client won't request the previous virtual IP, but since we already migrated it we already triggered the assign_vips() hook, so we should reassign the migrated virtual IP. Fixes #1152.
author: Tobias Brunner <tobias@strongswan.org> 2015-10-13 12:10:42 +0200
committer: Tobias Brunner <tobias@strongswan.org> 2015-11-12 14:42:36 +0100
commit: 322a11ccbbed6408ecac4b6da3922573c20f1d1b (patch)
tree: 9f3b29db9c2d3bf5af97457c3cb3cd8e721540cd /src/libcharon/sa/ikev1
parent: e161238e8e9b14cbc3ba36e8897ec2473d36b0fd (diff)
download: strongswan-322a11ccbbed6408ecac4b6da3922573c20f1d1b.tar.bz2
strongswan-322a11ccbbed6408ecac4b6da3922573c20f1d1b.tar.xz
1 files changed, 3 insertions, 1 deletions
diff --git a/src/libcharon/sa/ikev1/tasks/mode_config.c b/src/libcharon/sa/ikev1/tasks/mode_config.c
index d0994a961..a03477e18 100644
--- a/src/libcharon/sa/ikev1/tasks/mode_config.c
+++ b/src/libcharon/sa/ikev1/tasks/mode_config.c
@@ -482,7 +482,9 @@ static host_t *assign_migrated_vip(linked_list_t *migrated, host_t *requested)
 	enumerator = migrated->create_enumerator(migrated);
 	while (enumerator->enumerate(enumerator, &vip))
 	{
-		if (vip->ip_equals(vip, requested))
+		if (vip->ip_equals(vip, requested) ||
+		   (requested->is_anyaddr(requested) &&
+			requested->get_family(requested) == vip->get_family(vip)))
 		{
 			migrated->remove_at(migrated, enumerator);
 			found = vip;
author	Tobias Brunner <tobias@strongswan.org>	2015-10-13 12:10:42 +0200
committer	Tobias Brunner <tobias@strongswan.org>	2015-11-12 14:42:36 +0100
commit	322a11ccbbed6408ecac4b6da3922573c20f1d1b (patch)
tree	9f3b29db9c2d3bf5af97457c3cb3cd8e721540cd /src/libcharon/sa/ikev1
parent	e161238e8e9b14cbc3ba36e8897ec2473d36b0fd (diff)
download	strongswan-322a11ccbbed6408ecac4b6da3922573c20f1d1b.tar.bz2 strongswan-322a11ccbbed6408ecac4b6da3922573c20f1d1b.tar.xz