diff options
| author | Tobias Brunner <tobias@strongswan.org> | 2017-02-08 15:11:20 +0100 |
|---|---|---|
| committer | Tobias Brunner <tobias@strongswan.org> | 2017-02-08 15:11:20 +0100 |
| commit | 0394bbf58c9ab57e59d1c44c06955f25b7f16f17 (patch) | |
| tree | 5635aa7ad652cee89ddd66a1f83cffe5a6a8724b /src/libcharon/sa/ikev2/tasks/ike_auth.c | |
| parent | e9d13476cb8439bd18e4032e5cc6fd595c63326c (diff) | |
| parent | 2f6ec15dff0495773c8dd616f6f7b594d09336ad (diff) | |
| download | strongswan-0394bbf58c9ab57e59d1c44c06955f25b7f16f17.tar.bz2 strongswan-0394bbf58c9ab57e59d1c44c06955f25b7f16f17.tar.xz | |
Merge branch 'mid-sync'
Adds support for handling IKEV2_MESSAGE_ID_SYNC notifies as responder
(usually the original initiator) as defined in RFC 6311. Some HA solutions
use these notifies to set the new IKEv2 message IDs after a failover event.
Diffstat (limited to 'src/libcharon/sa/ikev2/tasks/ike_auth.c')
| -rw-r--r-- | src/libcharon/sa/ikev2/tasks/ike_auth.c | 7 |
1 files changed, 7 insertions, 0 deletions
diff --git a/src/libcharon/sa/ikev2/tasks/ike_auth.c b/src/libcharon/sa/ikev2/tasks/ike_auth.c index 1e47144dc..53daaf2ad 100644 --- a/src/libcharon/sa/ikev2/tasks/ike_auth.c +++ b/src/libcharon/sa/ikev2/tasks/ike_auth.c @@ -417,6 +417,9 @@ METHOD(task_t, build_i, status_t, /* indicate support for EAP-only authentication */ message->add_notify(message, FALSE, EAP_ONLY_AUTHENTICATION, chunk_empty); + /* indicate support for RFC 6311 Message ID synchronization */ + message->add_notify(message, FALSE, IKEV2_MESSAGE_ID_SYNC_SUPPORTED, + chunk_empty); } if (!this->do_another_auth && !this->my_auth) @@ -992,6 +995,10 @@ METHOD(task_t, process_i, status_t, DBG1(DBG_IKE, "received invalid REDIRECT notify"); } break; + case IKEV2_MESSAGE_ID_SYNC_SUPPORTED: + this->ike_sa->enable_extension(this->ike_sa, + EXT_IKE_MESSAGE_ID_SYNC); + break; default: { if (type <= 16383) |