IKEv1 XAuth: Added temporary "initiate_xauth" public method to ike_sa_t. This allows us to initiate an XAuth password authentication exchange after responding to the final message of Main Mode. This change should be reverted once we have a better method to initiate this exchange.

2 files changed, 18 insertions, 0 deletions

diff --git a/src/libcharon/sa/ike_sa.c b/src/libcharon/sa/ike_sa.c
index 6be8471f2..088fd0ab5 100644
--- a/src/libcharon/sa/ike_sa.c
+++ b/src/libcharon/sa/ike_sa.c
@@ -2129,6 +2129,18 @@ METHOD(ike_sa_t, destroy, void,
 	free(this);
 }
 
+METHOD(ike_sa_t, initiate_xauth, void,
+			 private_ike_sa_t *this)
+{
+	if(this->extensions & EXT_XAUTH)
+	{
+		xauth_request_t *xauth_request_task = xauth_request_create(&this->public, TRUE);
+		this->task_manager->queue_task(this->task_manager, (task_t*)xauth_request_task);
+
+		this->task_manager->initiate_later(this->task_manager);
+	}
+}
+
 /*
  * Described in header.
  */
@@ -2218,6 +2230,7 @@ ike_sa_t * ike_sa_create(ike_sa_id_t *ike_sa_id, bool initiator,
 			.callback = _callback,
 			.respond = _respond,
 #endif /* ME */
+			.initiate_xauth = _initiate_xauth,
 		},
 		.ike_sa_id = ike_sa_id->clone(ike_sa_id),
 		.version = version,
diff --git a/src/libcharon/sa/ike_sa.h b/src/libcharon/sa/ike_sa.h
index 2753fca1c..f21585525 100644
--- a/src/libcharon/sa/ike_sa.h
+++ b/src/libcharon/sa/ike_sa.h
@@ -958,6 +958,11 @@ struct ike_sa_t {
 	 * Destroys a ike_sa_t object.
 	 */
 	void (*destroy) (ike_sa_t *this);
+
+	/**
+	 * Initiate an XAuth transaction
+	 */
+	void (*initiate_xauth) (ike_sa_t *this);
 };
 
 /**