diff options
| author | Adrian-Ken Rueegsegger <ken@codelabs.ch> | 2012-12-19 15:58:17 +0100 |
|---|---|---|
| committer | Tobias Brunner <tobias@strongswan.org> | 2013-03-19 15:23:50 +0100 |
| commit | 89b1d5f32c00283e471a51d3c26baf0919dd890c (patch) | |
| tree | c9ae01c912362f70f06b139d99ef1188f2330494 /src | |
| parent | 140a6b7b34f5f0f7694da74195fd90454298c9a6 (diff) | |
| download | strongswan-89b1d5f32c00283e471a51d3c26baf0919dd890c.tar.bz2 strongswan-89b1d5f32c00283e471a51d3c26baf0919dd890c.tar.xz | |
Call isa_skip_create_first when keeping IKE SA
An ALERT_KEEP_ON_CHILD_SA_FAILURE alert is issued when child SA establishment
fails but the corresponding IKE SA is not destroyed. To allow later creation
of child SAs the ISA context must be signaled that the implicity first child SA
creation was skipped.
Diffstat (limited to 'src')
| -rw-r--r-- | src/charon-tkm/src/tkm/tkm_listener.c | 20 |
1 files changed, 20 insertions, 0 deletions
diff --git a/src/charon-tkm/src/tkm/tkm_listener.c b/src/charon-tkm/src/tkm/tkm_listener.c index 1ec8e122a..47cfef5ac 100644 --- a/src/charon-tkm/src/tkm/tkm_listener.c +++ b/src/charon-tkm/src/tkm/tkm_listener.c @@ -194,6 +194,25 @@ static bool build_cert_chain(const ike_sa_t * const ike_sa, cc_id_type cc_id) return FALSE; } +METHOD(listener_t, alert, bool, + private_tkm_listener_t *this, ike_sa_t *ike_sa, + alert_t alert, va_list args) +{ + if (alert == ALERT_KEEP_ON_CHILD_SA_FAILURE) + { + tkm_keymat_t * const keymat = (tkm_keymat_t*)ike_sa->get_keymat(ike_sa); + const isa_id_type isa_id = keymat->get_isa_id(keymat); + DBG1(DBG_IKE, "TKM alert listener called for ISA context %llu", isa_id); + if (ike_isa_skip_create_first(isa_id) != TKM_OK) + { + DBG1(DBG_IKE, "Skip of first child SA creation failed for ISA " + "context %llu", isa_id); + } + } + + return TRUE; +} + METHOD(listener_t, authorize, bool, private_tkm_listener_t *this, ike_sa_t *ike_sa, bool final, bool *success) @@ -305,6 +324,7 @@ tkm_listener_t *tkm_listener_create() .listener = { .authorize = _authorize, .message = _message, + .alert = _alert, }, .destroy = _destroy, }, |