diff options
| author | Tobias Brunner <tobias@strongswan.org> | 2015-08-18 17:35:39 +0200 |
|---|---|---|
| committer | Tobias Brunner <tobias@strongswan.org> | 2015-08-19 11:34:25 +0200 |
| commit | 2d14cb4d6c8c920b4794c82be276198b9ed21ab4 (patch) | |
| tree | d3149201a495e5fb763a633813a1499ebf653487 /src | |
| parent | bb1d9e454d911a14cd93b77e61037a71820b6d35 (diff) | |
| download | strongswan-2d14cb4d6c8c920b4794c82be276198b9ed21ab4.tar.bz2 strongswan-2d14cb4d6c8c920b4794c82be276198b9ed21ab4.tar.xz | |
ike: Use the original port when remote resolves to %any
When reestablishing the IKE_SA we should still use the original port
when right resolves to %any as some implementations might not like
initial IKE messages on port 4500 (especially for IKEv1).
Diffstat (limited to 'src')
| -rw-r--r-- | src/libcharon/sa/ike_sa.c | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/src/libcharon/sa/ike_sa.c b/src/libcharon/sa/ike_sa.c index 3bfd149f2..dcf9d5f2c 100644 --- a/src/libcharon/sa/ike_sa.c +++ b/src/libcharon/sa/ike_sa.c @@ -1240,7 +1240,9 @@ static void resolve_hosts(private_ike_sa_t *this) set_other_host(this, host); } else - { + { /* reuse the original port as some implementations might not like + * initial IKE messages on other ports */ + this->other_host->set_port(this->other_host, host->get_port(host)); host->destroy(host); } } |