diff options
| author | Martin Willi <martin@revosec.ch> | 2012-07-26 15:45:49 +0200 |
|---|---|---|
| committer | Martin Willi <martin@revosec.ch> | 2012-07-26 15:45:49 +0200 |
| commit | 777bcdc0d5c96ee8036f2aa417fd455852f4ef8d (patch) | |
| tree | 724181fc293a3b4bf68a6391625d9caa02460b9b /src | |
| parent | 8b560a45659f7ee3b839d71a07c0fefaf78dae36 (diff) | |
| download | strongswan-777bcdc0d5c96ee8036f2aa417fd455852f4ef8d.tar.bz2 strongswan-777bcdc0d5c96ee8036f2aa417fd455852f4ef8d.tar.xz | |
Don't include acquiring packet traffic selectors in IKEv1
As we only can negotiate a single TS in IKEv1, don't prepend the
triggering packet TS, as we do in IKEv2. Otherwise we don't establish
the TS of the configuration, but only that of the triggering packet.
Fixes #207.
Diffstat (limited to 'src')
| -rw-r--r-- | src/libcharon/sa/trap_manager.c | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/src/libcharon/sa/trap_manager.c b/src/libcharon/sa/trap_manager.c index e03e30695..b3d9e1597 100644 --- a/src/libcharon/sa/trap_manager.c +++ b/src/libcharon/sa/trap_manager.c @@ -290,6 +290,11 @@ METHOD(trap_manager_t, acquire, void, { ike_sa->set_peer_cfg(ike_sa, peer); } + if (ike_sa->get_version(ike_sa) == IKEV1) + { /* in IKEv1, don't prepend the acquiring packet TS, as we only + * have a single TS that we can establish in a Quick Mode. */ + src = dst = NULL; + } if (ike_sa->initiate(ike_sa, child, reqid, src, dst) != DESTROY_ME) { /* make sure the entry is still there */ |