diff options
| author | Tobias Brunner <tobias@strongswan.org> | 2015-04-22 17:02:23 +0200 |
|---|---|---|
| committer | Tobias Brunner <tobias@strongswan.org> | 2016-03-04 16:02:58 +0100 |
| commit | dd2b335b795b96c73561a44f0dfb106ca9189971 (patch) | |
| tree | d1b8fe18baa589478bddc78ac301757bc85d9ff0 /src/libcharon/sa | |
| parent | 2beb26b9489b0d94d2c1be3022099aa8bd02735c (diff) | |
| download | strongswan-dd2b335b795b96c73561a44f0dfb106ca9189971.tar.bz2 strongswan-dd2b335b795b96c73561a44f0dfb106ca9189971.tar.xz | |
ike-init: Send REDIRECT notify during IKE_SA_INIT if requested by providers
Diffstat (limited to 'src/libcharon/sa')
| -rw-r--r-- | src/libcharon/sa/ikev2/tasks/ike_init.c | 17 |
1 files changed, 17 insertions, 0 deletions
diff --git a/src/libcharon/sa/ikev2/tasks/ike_init.c b/src/libcharon/sa/ikev2/tasks/ike_init.c index 0f9c45a7f..87761ad59 100644 --- a/src/libcharon/sa/ikev2/tasks/ike_init.c +++ b/src/libcharon/sa/ikev2/tasks/ike_init.c @@ -559,6 +559,8 @@ static bool derive_keys(private_ike_init_t *this, METHOD(task_t, build_r, status_t, private_ike_init_t *this, message_t *message) { + identification_t *gateway; + /* check if we have everything we need */ if (this->proposal == NULL || this->other_nonce.len == 0 || this->my_nonce.len == 0) @@ -569,6 +571,21 @@ METHOD(task_t, build_r, status_t, } this->ike_sa->set_proposal(this->ike_sa, this->proposal); + /* check if we'd have to redirect the client */ + if (this->ike_sa->supports_extension(this->ike_sa, EXT_IKE_REDIRECTION) && + charon->redirect->redirect_on_init(charon->redirect, this->ike_sa, + &gateway)) + { + chunk_t data; + + DBG1(DBG_IKE, "redirecting peer to %Y", gateway); + data = redirect_data_create(gateway, this->other_nonce); + message->add_notify(message, TRUE, REDIRECT, data); + gateway->destroy(gateway); + chunk_free(&data); + return FAILED; + } + if (this->dh == NULL || !this->proposal->has_dh_group(this->proposal, this->dh_group)) { |