diff options
| author | Martin Willi <martin@revosec.ch> | 2012-06-14 14:47:40 +0200 |
|---|---|---|
| committer | Martin Willi <martin@revosec.ch> | 2012-06-25 10:18:34 +0200 |
| commit | 0fbfcf2a3a9d061ca0a038d2c9a76e6e25f076e8 (patch) | |
| tree | 59ffb9b95227cedf19e9501a493c1dd4ce163700 /src | |
| parent | de5e8fb4e09d4245c10fd9c0e98c1fe0115cd08e (diff) | |
| download | strongswan-0fbfcf2a3a9d061ca0a038d2c9a76e6e25f076e8.tar.bz2 strongswan-0fbfcf2a3a9d061ca0a038d2c9a76e6e25f076e8.tar.xz | |
Use XAuth/EAP remote identity for uniqueness check
Diffstat (limited to 'src')
| -rw-r--r-- | src/libcharon/processing/jobs/adopt_children_job.c | 4 | ||||
| -rw-r--r-- | src/libcharon/sa/ike_sa_manager.c | 4 | ||||
| -rw-r--r-- | src/libcharon/sa/ike_sa_manager.h | 2 |
3 files changed, 6 insertions, 4 deletions
diff --git a/src/libcharon/processing/jobs/adopt_children_job.c b/src/libcharon/processing/jobs/adopt_children_job.c index 93da960f8..4ba6e872b 100644 --- a/src/libcharon/processing/jobs/adopt_children_job.c +++ b/src/libcharon/processing/jobs/adopt_children_job.c @@ -77,7 +77,7 @@ METHOD(job_t, execute, void, /* find old SA to adopt children from */ children = linked_list_create(); enumerator = charon->ike_sa_manager->create_id_enumerator( - charon->ike_sa_manager, my_id, other_id, + charon->ike_sa_manager, my_id, xauth, other->get_family(other)); while (enumerator->enumerate(enumerator, &id)) { @@ -92,7 +92,7 @@ METHOD(job_t, execute, void, ike_sa->get_state(ike_sa) == IKE_PASSIVE) && me->equals(me, ike_sa->get_my_host(ike_sa)) && other->equals(other, ike_sa->get_other_host(ike_sa)) && - xauth->equals(xauth, ike_sa->get_other_eap_id(ike_sa)) && + other_id->equals(other_id, ike_sa->get_other_id(ike_sa)) && cfg->equals(cfg, ike_sa->get_peer_cfg(ike_sa))) { childenum = ike_sa->create_child_sa_enumerator(ike_sa); diff --git a/src/libcharon/sa/ike_sa_manager.c b/src/libcharon/sa/ike_sa_manager.c index 47662ad4d..702fe52d6 100644 --- a/src/libcharon/sa/ike_sa_manager.c +++ b/src/libcharon/sa/ike_sa_manager.c @@ -1441,7 +1441,7 @@ METHOD(ike_sa_manager_t, checkin, void, ike_sa_id = ike_sa->get_id(ike_sa); my_id = ike_sa->get_my_id(ike_sa); - other_id = ike_sa->get_other_id(ike_sa); + other_id = ike_sa->get_other_eap_id(ike_sa); other = ike_sa->get_other_host(ike_sa); DBG2(DBG_MGR, "checkin IKE_SA %s[%u]", ike_sa->get_name(ike_sa), @@ -1653,7 +1653,7 @@ METHOD(ike_sa_manager_t, check_uniqueness, bool, return FALSE; } me = ike_sa->get_my_id(ike_sa); - other = ike_sa->get_other_id(ike_sa); + other = ike_sa->get_other_eap_id(ike_sa); other_host = ike_sa->get_other_host(ike_sa); enumerator = create_id_enumerator(this, me, other, diff --git a/src/libcharon/sa/ike_sa_manager.h b/src/libcharon/sa/ike_sa_manager.h index 0f9a6d177..a68ae7763 100644 --- a/src/libcharon/sa/ike_sa_manager.h +++ b/src/libcharon/sa/ike_sa_manager.h @@ -172,6 +172,8 @@ struct ike_sa_manager_t { /** * Create an enumerator over ike_sa_id_t*, matching peer identities. * + * The remote peer is identified by its XAuth or EAP identity, if available. + * * @param me local peer identity to match * @param other remote peer identity to match * @param family address family to match, 0 for any |