aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--src/starter/starterstroke.c23
1 files changed, 18 insertions, 5 deletions
diff --git a/src/starter/starterstroke.c b/src/starter/starterstroke.c
index 25a66a0f3..719a346d6 100644
--- a/src/starter/starterstroke.c
+++ b/src/starter/starterstroke.c
@@ -125,11 +125,24 @@ int starter_stroke_add_conn(starter_conn_t *conn)
msg.length = offsetof(stroke_msg_t, buffer);
msg.add_conn.ikev2 = conn->keyexchange == KEY_EXCHANGE_IKEV2;
msg.add_conn.name = push_string(&msg, connection_name(conn));
- msg.add_conn.rekey.ipsec_lifetime = conn->sa_ipsec_life_seconds;
- msg.add_conn.rekey.ike_lifetime = conn->sa_ike_life_seconds;
- msg.add_conn.rekey.margin = conn->sa_rekey_margin;
- msg.add_conn.rekey.tries = conn->sa_keying_tries;
- msg.add_conn.rekey.fuzz = conn->sa_rekey_fuzz;
+ if (conn->policy & POLICY_DONT_REKEY)
+ {
+ msg.add_conn.rekey.ipsec_lifetime = 0;
+ msg.add_conn.rekey.ike_lifetime = 0;
+ msg.add_conn.rekey.margin = 0;
+ msg.add_conn.rekey.tries = 0;
+ msg.add_conn.rekey.fuzz = 0;
+ }
+ else
+ {
+ msg.add_conn.rekey.ipsec_lifetime = conn->sa_ipsec_life_seconds;
+ msg.add_conn.rekey.ike_lifetime = conn->sa_ike_life_seconds;
+ msg.add_conn.rekey.margin = conn->sa_rekey_margin;
+ msg.add_conn.rekey.tries = conn->sa_keying_tries;
+ msg.add_conn.rekey.fuzz = conn->sa_rekey_fuzz;
+ }
+ msg.add_conn.algorithms.ike = push_string(&msg, conn->ike);
+ msg.add_conn.algorithms.esp = push_string(&msg, conn->esp);
starter_stroke_add_end(&msg, &msg.add_conn.me, &conn->right);
starter_stroke_add_end(&msg, &msg.add_conn.other, &conn->left);
generated by cgit v1.2.3 (git 2.25.1) at 2025-09-14 18:32:23 +0000