ikev2: Add task that verifies a peer's certificate

On failure the SA is deleted and reestablished as configured. The task is activated after the REAUTH_COMPLETE task so a make-before-break reauth is completed before the new SA might get torn down.
author: Tobias Brunner <tobias@strongswan.org> 2015-10-27 17:31:43 +0100
committer: Tobias Brunner <tobias@strongswan.org> 2016-03-10 11:07:15 +0100
commit: 8ce78e43a4746ce4d3d107ef2ed2f4e13f1c9c8f (patch)
tree: 960f275d63b9d1cbc7d82caad07d61860f39a2e4 /src/libcharon/sa/task.h
parent: 034a462901209dd8f04bf984ef90c2d6ba2c776e (diff)
download: strongswan-8ce78e43a4746ce4d3d107ef2ed2f4e13f1c9c8f.tar.bz2
strongswan-8ce78e43a4746ce4d3d107ef2ed2f4e13f1c9c8f.tar.xz
1 files changed, 2 insertions, 0 deletions
diff --git a/src/libcharon/sa/task.h b/src/libcharon/sa/task.h
index b2e9d8886..31d70fb3b 100644
--- a/src/libcharon/sa/task.h
+++ b/src/libcharon/sa/task.h
@@ -59,6 +59,8 @@ enum task_type_t {
 	TASK_IKE_REAUTH_COMPLETE,
 	/** redirect an active IKE_SA */
 	TASK_IKE_REDIRECT,
+	/** verify a peer's certificate */
+	TASK_IKE_VERIFY_PEER_CERT,
 	/** delete an IKE_SA */
 	TASK_IKE_DELETE,
 	/** liveness check */
author	Tobias Brunner <tobias@strongswan.org>	2015-10-27 17:31:43 +0100
committer	Tobias Brunner <tobias@strongswan.org>	2016-03-10 11:07:15 +0100
commit	8ce78e43a4746ce4d3d107ef2ed2f4e13f1c9c8f (patch)
tree	960f275d63b9d1cbc7d82caad07d61860f39a2e4 /src/libcharon/sa/task.h
parent	034a462901209dd8f04bf984ef90c2d6ba2c776e (diff)
download	strongswan-8ce78e43a4746ce4d3d107ef2ed2f4e13f1c9c8f.tar.bz2 strongswan-8ce78e43a4746ce4d3d107ef2ed2f4e13f1c9c8f.tar.xz