diff options
| author | Martin Willi <martin@strongswan.org> | 2009-08-03 14:37:24 +0200 |
|---|---|---|
| committer | Martin Willi <martin@strongswan.org> | 2009-08-03 14:37:24 +0200 |
| commit | 5cb300e795edce7a852a1c8da976f8609e92641e (patch) | |
| tree | e967fd8c7deb7b9e4481bd004eed7f3200057e91 /src | |
| parent | 10c13ed26474d11427fb82b7941be88bc9a04961 (diff) | |
| download | strongswan-5cb300e795edce7a852a1c8da976f8609e92641e.tar.bz2 strongswan-5cb300e795edce7a852a1c8da976f8609e92641e.tar.xz | |
compare IKE config when reusing an existing IKE_SA to initiate a CHILD_SA
Diffstat (limited to 'src')
| -rw-r--r-- | src/charon/sa/ike_sa_manager.c | 21 |
1 files changed, 13 insertions, 8 deletions
diff --git a/src/charon/sa/ike_sa_manager.c b/src/charon/sa/ike_sa_manager.c index 38a131970..acb69e650 100644 --- a/src/charon/sa/ike_sa_manager.c +++ b/src/charon/sa/ike_sa_manager.c @@ -1050,7 +1050,8 @@ static ike_sa_t* checkout_by_config(private_ike_sa_manager_t *this, enumerator_t *enumerator; entry_t *entry; ike_sa_t *ike_sa = NULL; - peer_cfg_t *current_cfg; + peer_cfg_t *current_peer; + ike_cfg_t *current_ike; u_int segment; if (!this->reuse_ikesa) @@ -1072,14 +1073,18 @@ static ike_sa_t* checkout_by_config(private_ike_sa_manager_t *this, continue; } - current_cfg = entry->ike_sa->get_peer_cfg(entry->ike_sa); - if (current_cfg && current_cfg->equals(current_cfg, peer_cfg)) + current_peer = entry->ike_sa->get_peer_cfg(entry->ike_sa); + if (current_peer && current_peer->equals(current_peer, peer_cfg)) { - DBG2(DBG_MGR, "found an existing IKE_SA with a '%s' config", - current_cfg->get_name(current_cfg)); - entry->checked_out = TRUE; - ike_sa = entry->ike_sa; - break; + current_ike = current_peer->get_ike_cfg(current_peer); + if (current_ike->equals(current_ike, peer_cfg->get_ike_cfg(peer_cfg))) + { + DBG2(DBG_MGR, "found an existing IKE_SA with a '%s' config", + current_peer->get_name(current_peer)); + entry->checked_out = TRUE; + ike_sa = entry->ike_sa; + break; + } } } enumerator->destroy(enumerator); |