author | Tobias Brunner <tobias@strongswan.org> | 2011-11-17 16:26:52 +0100 |
---|---|---|
committer | Tobias Brunner <tobias@strongswan.org> | 2012-03-20 17:30:43 +0100 |
commit | 0b611540ef1f9587ffb1ab85c111ba6c4132d053 (patch) | |
tree | 4d9912b25f2874256c6a507674b1cf18aa20ef74 /src | |
parent | 0fc9acdd235de4636da626e967f67e80a207879b (diff) | |
Store IKE version of an SA on ike_sa_t.
Diffstat (limited to 'src')
-rw-r--r-- | src/libcharon/plugins/ha/ha_dispatcher.c | 2 | ||||
-rw-r--r-- | src/libcharon/sa/ike_sa.c | 18 | ||||
-rw-r--r-- | src/libcharon/sa/ike_sa.h | 14 | ||||
-rw-r--r-- | src/libcharon/sa/ike_sa_manager.c | 13 | ||||
-rw-r--r-- | src/libcharon/sa/ike_sa_manager.h | 4 | ||||
-rw-r--r-- | src/libcharon/sa/tasks/ike_reauth.c | 5 | ||||
-rw-r--r-- | src/libcharon/sa/tasks/ike_rekey.c | 9 |
7 files changed, 48 insertions, 17 deletions
diff --git a/src/libcharon/plugins/ha/ha_dispatcher.c b/src/libcharon/plugins/ha/ha_dispatcher.c index 0a89e640a..f430fee94 100644 --- a/src/libcharon/plugins/ha/ha_dispatcher.c +++ b/src/libcharon/plugins/ha/ha_dispatcher.c @@ -89,7 +89,7 @@ static void process_ike_add(private_ha_dispatcher_t *this, ha_message_t *message switch (attribute) { case HA_IKE_ID: - ike_sa = ike_sa_create(value.ike_sa_id); + ike_sa = ike_sa_create(value.ike_sa_id, IKEV2); break; case HA_IKE_REKEY_ID: old_sa = charon->ike_sa_manager->checkout(charon->ike_sa_manager, diff --git a/src/libcharon/sa/ike_sa.c b/src/libcharon/sa/ike_sa.c index ee3220d1b..b59586b8a 100644 --- a/src/libcharon/sa/ike_sa.c +++ b/src/libcharon/sa/ike_sa.c @@ -87,6 +87,11 @@ struct private_ike_sa_t { ike_sa_id_t *ike_sa_id; /** + * IKE version of this SA. + */ + ike_version_t version; + + /** * unique numerical ID for this IKE_SA. */ u_int32_t unique_id; @@ -1328,6 +1333,12 @@ METHOD(ike_sa_t, get_id, ike_sa_id_t*, return this->ike_sa_id; } +METHOD(ike_sa_t, get_version, ike_version_t, + private_ike_sa_t *this) +{ + return this->version; +} + METHOD(ike_sa_t, get_my_id, identification_t*, private_ike_sa_t *this) { @@ -1606,7 +1617,8 @@ METHOD(ike_sa_t, reestablish, status_t, return FAILED; } - new = charon->ike_sa_manager->checkout_new(charon->ike_sa_manager, TRUE); + new = charon->ike_sa_manager->checkout_new(charon->ike_sa_manager, + this->version, TRUE); new->set_peer_cfg(new, this->peer_cfg); host = this->other_host; new->set_other_host(new, host->clone(host)); @@ -2105,13 +2117,14 @@ METHOD(ike_sa_t, destroy, void, /* * Described in header. */ -ike_sa_t * ike_sa_create(ike_sa_id_t *ike_sa_id) +ike_sa_t * ike_sa_create(ike_sa_id_t *ike_sa_id, ike_version_t version) { private_ike_sa_t *this; static u_int32_t unique_id = 0; INIT(this, .public = { + .get_version = _get_version, .get_state = _get_state, .set_state = _set_state, .get_name = _get_name, 
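Review bot: The `HA_IKE_ID` case in process_ike_add now hard-codes `IKEV2` for every SA rebuilt from a sync message, so the passive node records that version no matter what the active node actually negotiated. Nothing in the visible hunk reads a version from the message, so this is presumably intentional while HA only handles IKEv2; a comment on the call would make the assumption explicit, e.g. `/* HA sync messages carry no IKE version, synced SAs are assumed to be IKEv2 */`. If IKEv1 SAs are ever synced, the version has to travel in the HA message instead of being assumed here. process_ike_add starts and ends outside the hunk.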
@@ -2191,6 +2204,7 @@ ike_sa_t * ike_sa_create(ike_sa_id_t *ike_sa_id) #endif /* ME */ }, .ike_sa_id = ike_sa_id->clone(ike_sa_id), + .version = version, .child_sas = linked_list_create(), .my_host = host_create_any(AF_INET), .other_host = host_create_any(AF_INET), diff --git a/src/libcharon/sa/ike_sa.h b/src/libcharon/sa/ike_sa.h index cf23de300..21f7c7452 100644 --- a/src/libcharon/sa/ike_sa.h +++ b/src/libcharon/sa/ike_sa.h @@ -270,6 +270,11 @@ struct ike_sa_t { ike_sa_id_t* (*get_id) (ike_sa_t *this); /** + * Gets the IKE version of the SA + */ + ike_version_t (*get_version)(ike_sa_t *this); + + /** * Get the numerical ID uniquely defining this IKE_SA. * * @return unique ID @@ -288,7 +293,7 @@ struct ike_sa_t { * * @param state state to set for the IKE_SA */ - void (*set_state) (ike_sa_t *this, ike_sa_state_t ike_sa); + void (*set_state) (ike_sa_t *this, ike_sa_state_t state); /** * Get the name of the connection this IKE_SA uses. @@ -951,11 +956,12 @@ struct ike_sa_t { }; /** - * Creates an ike_sa_t object with a specific ID. + * Creates an ike_sa_t object with a specific ID and IKE version. * - * @param ike_sa_id ike_sa_id_t object to associate with new IKE_SA + * @param ike_sa_id ike_sa_id_t to associate with new IKE_SA/ISAKMP_SA + * @param version IKE version of this SA * @return ike_sa_t object */ -ike_sa_t *ike_sa_create(ike_sa_id_t *ike_sa_id); +ike_sa_t *ike_sa_create(ike_sa_id_t *ike_sa_id, ike_version_t version); #endif /** IKE_SA_H_ @}*/ diff --git a/src/libcharon/sa/ike_sa_manager.c b/src/libcharon/sa/ike_sa_manager.c index 6b2d17386..62f9cc971 100644 --- a/src/libcharon/sa/ike_sa_manager.c +++ b/src/libcharon/sa/ike_sa_manager.c @@ -941,7 +941,7 @@ METHOD(ike_sa_manager_t, checkout, ike_sa_t*, } METHOD(ike_sa_manager_t, checkout_new, ike_sa_t*, - private_ike_sa_manager_t* this, bool initiator) + private_ike_sa_manager_t* this, ike_version_t version, bool initiator) { ike_sa_id_t *ike_sa_id; ike_sa_t *ike_sa; 
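Review bot: The doc comment added for `get_version` in ike_sa.h has no `@return` line, unlike the neighbouring `get_unique_id` entry (`@return unique ID`). Adding ` * @return IKE version of this SA` keeps the interface documentation consistent. It would also help to say in the same comment that the value is set once in ike_sa_create(), since the visible hunks add no setter for it.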
@@ -954,7 +954,7 @@ METHOD(ike_sa_manager_t, checkout_new, ike_sa_t*, { ike_sa_id = ike_sa_id_create(0, get_spi(this), FALSE); } - ike_sa = ike_sa_create(ike_sa_id); + ike_sa = ike_sa_create(ike_sa_id, version); ike_sa_id->destroy(ike_sa_id); DBG2(DBG_MGR, "created IKE_SA %s[%u]", ike_sa->get_name(ike_sa), @@ -970,6 +970,7 @@ METHOD(ike_sa_manager_t, checkout_by_message, ike_sa_t*, entry_t *entry; ike_sa_t *ike_sa = NULL; ike_sa_id_t *id; + ike_version_t ike_version; bool is_init = FALSE; id = message->get_ike_sa_id(message); @@ -985,6 +986,7 @@ METHOD(ike_sa_manager_t, checkout_by_message, ike_sa_t*, if (message->get_exchange_type(message) == IKE_SA_INIT && message->get_request(message)) { + ike_version = IKEV2; is_init = TRUE; } } @@ -993,6 +995,7 @@ METHOD(ike_sa_manager_t, checkout_by_message, ike_sa_t*, if (message->get_exchange_type(message) == ID_PROT || message->get_exchange_type(message) == AGGRESSIVE) { + ike_version = IKEV1; is_init = TRUE; } } @@ -1034,7 +1037,7 @@ METHOD(ike_sa_manager_t, checkout_by_message, ike_sa_t*, /* no IKE_SA found, create a new one */ id->set_responder_spi(id, get_spi(this)); entry = entry_create(); - entry->ike_sa = ike_sa_create(id); + entry->ike_sa = ike_sa_create(id, ike_version); entry->ike_sa_id = id->clone(id); segment = put_entry(this, entry); @@ -1103,7 +1106,7 @@ METHOD(ike_sa_manager_t, checkout_by_config, ike_sa_t*, if (!this->reuse_ikesa) { /* IKE_SA reuse disable by config */ - ike_sa = checkout_new(this, TRUE); + ike_sa = checkout_new(this, peer_cfg->get_ike_version(peer_cfg), TRUE); charon->bus->set_sa(charon->bus, ike_sa); return ike_sa; } @@ -1139,7 +1142,7 @@ METHOD(ike_sa_manager_t, checkout_by_config, ike_sa_t*, if (!ike_sa) { /* no IKE_SA using such a config, hand out a new */ - ike_sa = checkout_new(this, TRUE); + ike_sa = checkout_new(this, peer_cfg->get_ike_version(peer_cfg), TRUE); } charon->bus->set_sa(charon->bus, ike_sa); return ike_sa; 
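Review bot: `ike_version` in checkout_by_message is declared without an initializer and is assigned only in the two branches that also set `is_init = TRUE`, yet it is passed to `ike_sa_create(id, ike_version)` in the later hunk at -1034. That call is presumably reached only when `is_init` is set, but the guard lies outside the visible hunks, so the safety of the read depends on code that can change independently, and some compilers will report it as maybe-uninitialized. Give the variable a defined value at its declaration, or at least document the invariant next to it: `/* only valid if is_init is TRUE */`. Because the value is derived from the first, unauthenticated message of an exchange and fixes the protocol version of the new SA, an indeterminate value should be impossible by construction rather than by convention.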
diff --git a/src/libcharon/sa/ike_sa_manager.h b/src/libcharon/sa/ike_sa_manager.h index 5e542e7df..bf75b76bb 100644 --- a/src/libcharon/sa/ike_sa_manager.h +++ b/src/libcharon/sa/ike_sa_manager.h @@ -52,10 +52,12 @@ struct ike_sa_manager_t { /** * Create and check out a new IKE_SA. * + * @param version IKE version of this SA * @param initiator TRUE for initiator, FALSE otherwise * @returns created and checked out IKE_SA */ - ike_sa_t* (*checkout_new) (ike_sa_manager_t* this, bool initiator); + ike_sa_t* (*checkout_new) (ike_sa_manager_t* this, ike_version_t version, + bool initiator); /** * Checkout an IKE_SA by a message. diff --git a/src/libcharon/sa/tasks/ike_reauth.c b/src/libcharon/sa/tasks/ike_reauth.c index 6cda0dd25..197849d88 100644 --- a/src/libcharon/sa/tasks/ike_reauth.c +++ b/src/libcharon/sa/tasks/ike_reauth.c @@ -54,6 +54,7 @@ METHOD(task_t, process_i, status_t, ike_sa_t *new; host_t *host; enumerator_t *enumerator; + ike_version_t version; child_sa_t *child_sa; peer_cfg_t *peer_cfg; @@ -74,7 +75,9 @@ METHOD(task_t, process_i, status_t, return FAILED; } - new = charon->ike_sa_manager->checkout_new(charon->ike_sa_manager, TRUE); + version = this->ike_sa->get_version(this->ike_sa); + new = charon->ike_sa_manager->checkout_new(charon->ike_sa_manager, version, + TRUE); new->set_peer_cfg(new, peer_cfg); host = this->ike_sa->get_other_host(this->ike_sa); diff --git a/src/libcharon/sa/tasks/ike_rekey.c b/src/libcharon/sa/tasks/ike_rekey.c index 826d6e192..c089edab5 100644 --- a/src/libcharon/sa/tasks/ike_rekey.c +++ b/src/libcharon/sa/tasks/ike_rekey.c 
@@ -129,8 +129,9 @@ METHOD(task_t, build_i, status_t, /* create new SA only on first try */ if (this->new_sa == NULL) { - this->new_sa = charon->ike_sa_manager->checkout_new(charon->ike_sa_manager, - TRUE); + ike_version_t version = this->ike_sa->get_version(this->ike_sa); + this->new_sa = charon->ike_sa_manager->checkout_new( + charon->ike_sa_manager, version, TRUE); peer_cfg = this->ike_sa->get_peer_cfg(this->ike_sa); other_host = this->ike_sa->get_other_host(this->ike_sa); @@ -148,6 +149,7 @@ METHOD(task_t, process_r, status_t, private_ike_rekey_t *this, message_t *message) { enumerator_t *enumerator; + ike_version_t version; peer_cfg_t *peer_cfg; child_sa_t *child_sa; @@ -175,8 +177,9 @@ METHOD(task_t, process_r, status_t, } enumerator->destroy(enumerator); + version = this->ike_sa->get_version(this->ike_sa); this->new_sa = charon->ike_sa_manager->checkout_new(charon->ike_sa_manager, - FALSE); + version, FALSE); peer_cfg = this->ike_sa->get_peer_cfg(this->ike_sa); this->new_sa->set_peer_cfg(this->new_sa, peer_cfg); |