diff options
| author | Martin Willi <martin@revosec.ch> | 2012-01-09 16:33:15 +0000 |
|---|---|---|
| committer | Martin Willi <martin@revosec.ch> | 2012-03-20 17:31:34 +0100 |
| commit | 91c212fd6a69b3ecc721b091880b7c01ba9779b7 (patch) | |
| tree | 913f6898520249a898a79e38e1203ef75b7d3348 /src | |
| parent | 5ce59d4c06e000079779fc66cdf9d14995247f3d (diff) | |
| download | strongswan-91c212fd6a69b3ecc721b091880b7c01ba9779b7.tar.bz2 strongswan-91c212fd6a69b3ecc721b091880b7c01ba9779b7.tar.xz | |
Select IKEv1 configurations by main/aggressive mode option
Diffstat (limited to 'src')
| -rw-r--r-- | src/libcharon/sa/ikev1/phase1.c | 6 | ||||
| -rw-r--r-- | src/libcharon/sa/ikev1/phase1.h | 3 | ||||
| -rw-r--r-- | src/libcharon/sa/ikev1/tasks/aggressive_mode.c | 2 | ||||
| -rw-r--r-- | src/libcharon/sa/ikev1/tasks/main_mode.c | 2 |
4 files changed, 8 insertions, 5 deletions
diff --git a/src/libcharon/sa/ikev1/phase1.c b/src/libcharon/sa/ikev1/phase1.c index 8d844ac5a..ed5fbe5c9 100644 --- a/src/libcharon/sa/ikev1/phase1.c +++ b/src/libcharon/sa/ikev1/phase1.c @@ -416,7 +416,8 @@ METHOD(phase1_t, get_auth_method, auth_method_t, } METHOD(phase1_t, select_config, peer_cfg_t*, - private_phase1_t *this, auth_method_t method, identification_t *id) + private_phase1_t *this, auth_method_t method, bool aggressive, + identification_t *id) { enumerator_t *enumerator; peer_cfg_t *current, *found = NULL; @@ -430,7 +431,8 @@ METHOD(phase1_t, select_config, peer_cfg_t*, me, other, NULL, id, IKEV1); while (enumerator->enumerate(enumerator, ¤t)) { - if (get_auth_method(this, current) == method) + if (get_auth_method(this, current) == method && + current->use_aggressive(current) == aggressive) { found = current->get_ref(current); break; diff --git a/src/libcharon/sa/ikev1/phase1.h b/src/libcharon/sa/ikev1/phase1.h index 22b9dd68a..994c85be7 100644 --- a/src/libcharon/sa/ikev1/phase1.h +++ b/src/libcharon/sa/ikev1/phase1.h @@ -91,11 +91,12 @@ struct phase1_t { * Select a peer config as responder. * * @param method used authentication method + * @param aggressive TRUE to get an aggressive mode config * @param id initiator identity * @return selected peer config, NULL if none found */ peer_cfg_t* (*select_config)(phase1_t *this, auth_method_t method, - identification_t *id); + bool aggressive, identification_t *id); /** * Get configured identity from peer config. diff --git a/src/libcharon/sa/ikev1/tasks/aggressive_mode.c b/src/libcharon/sa/ikev1/tasks/aggressive_mode.c index 2c4e14e43..483351db2 100644 --- a/src/libcharon/sa/ikev1/tasks/aggressive_mode.c +++ b/src/libcharon/sa/ikev1/tasks/aggressive_mode.c @@ -380,7 +380,7 @@ METHOD(task_t, process_r, status_t, this->id_data = id_payload->get_encoded(id_payload); this->ike_sa->set_other_id(this->ike_sa, id); this->peer_cfg = this->ph1->select_config(this->ph1, - this->method, id); + this->method, TRUE, id); if (!this->peer_cfg) { DBG1(DBG_IKE, "no peer config found"); diff --git a/src/libcharon/sa/ikev1/tasks/main_mode.c b/src/libcharon/sa/ikev1/tasks/main_mode.c index a3b567870..52c2258e5 100644 --- a/src/libcharon/sa/ikev1/tasks/main_mode.c +++ b/src/libcharon/sa/ikev1/tasks/main_mode.c @@ -393,7 +393,7 @@ METHOD(task_t, process_r, status_t, id = id_payload->get_identification(id_payload); this->ike_sa->set_other_id(this->ike_sa, id); this->peer_cfg = this->ph1->select_config(this->ph1, - this->method, id); + this->method, FALSE, id); if (!this->peer_cfg) { DBG1(DBG_IKE, "no peer config found"); |