diff options
| author | Martin Willi <martin@revosec.ch> | 2012-01-10 17:26:42 +0100 |
|---|---|---|
| committer | Martin Willi <martin@revosec.ch> | 2012-03-20 17:31:35 +0100 |
| commit | ff6b084ac4e9ca27a306a2836f7b341d9129ea5b (patch) | |
| tree | 28cc7d62ba82549e0b2d9295229f16cc20728b91 /src | |
| parent | 2ddd45c9a76a77d673cca5ce0bd2ea0bb7ee859a (diff) | |
| download | strongswan-ff6b084ac4e9ca27a306a2836f7b341d9129ea5b.tar.bz2 strongswan-ff6b084ac4e9ca27a306a2836f7b341d9129ea5b.tar.xz | |
Confirm message reception time only if DPD sequence number valid
Diffstat (limited to 'src')
| -rwxr-xr-x | src/libcharon/sa/ikev1/task_manager_v1.c | 11 | ||||
| -rwxr-xr-x | src/libcharon/sa/ikev1/tasks/isakmp_dpd.c | 2 |
2 files changed, 10 insertions, 3 deletions
diff --git a/src/libcharon/sa/ikev1/task_manager_v1.c b/src/libcharon/sa/ikev1/task_manager_v1.c index ec5eee155..562a9eb42 100755 --- a/src/libcharon/sa/ikev1/task_manager_v1.c +++ b/src/libcharon/sa/ikev1/task_manager_v1.c @@ -735,7 +735,7 @@ static status_t process_request(private_task_manager_t *this, { enumerator_t *enumerator; task_t *task = NULL; - bool send_response = FALSE; + bool send_response = FALSE, dpd = FALSE; notify_payload_t *notify; chunk_t data; @@ -790,11 +790,13 @@ static status_t process_request(private_task_manager_t *this, } task = (task_t *)isakmp_dpd_create(this->ike_sa, FALSE, this->dpd_recv++); + dpd = TRUE; } else if (message->get_notify(message, DPD_R_U_THERE_ACK)) { task = (task_t *)isakmp_dpd_create(this->ike_sa, TRUE, this->dpd_send - 1); + dpd = TRUE; } else { @@ -817,6 +819,11 @@ static status_t process_request(private_task_manager_t *this, return FAILED; } } + if (!dpd) + { + this->ike_sa->set_statistic(this->ike_sa, STAT_INBOUND, + time_monotonic(NULL)); + } /* let the tasks process the message */ enumerator = this->passive_tasks->create_enumerator(this->passive_tasks); while (enumerator->enumerate(enumerator, (void*)&task)) @@ -1117,8 +1124,6 @@ METHOD(task_manager_t, process_message, status_t, lib->settings->get_int(lib->settings, "charon.half_open_timeout", HALF_OPEN_IKE_SA_TIMEOUT)); } - this->ike_sa->set_statistic(this->ike_sa, STAT_INBOUND, - time_monotonic(NULL)); this->ike_sa->update_hosts(this->ike_sa, me, other, TRUE); charon->bus->message(charon->bus, msg, TRUE); if (process_request(this, msg) != SUCCESS) diff --git a/src/libcharon/sa/ikev1/tasks/isakmp_dpd.c b/src/libcharon/sa/ikev1/tasks/isakmp_dpd.c index e2ed17dcd..e470e90ad 100755 --- a/src/libcharon/sa/ikev1/tasks/isakmp_dpd.c +++ b/src/libcharon/sa/ikev1/tasks/isakmp_dpd.c @@ -91,6 +91,8 @@ METHOD(task_t, process, status_t, seqnr = untoh32(chunk.ptr); if (seqnr == this->seqnr) { + this->ike_sa->set_statistic(this->ike_sa, STAT_INBOUND, + time_monotonic(NULL)); if (!this->initiator) { /* queue DPD_ACK */ this->ike_sa->queue_task(this->ike_sa, |