aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--src/starter/confread.c5
-rw-r--r--src/starter/starterstroke.c2
2 files changed, 3 insertions, 4 deletions
diff --git a/src/starter/confread.c b/src/starter/confread.c
index a7db61625..cc2c98186 100644
--- a/src/starter/confread.c
+++ b/src/starter/confread.c
@@ -67,8 +67,7 @@ static void default_values(starter_config_t *cfg)
cfg->conn_default.seen = LEMPTY;
cfg->conn_default.startup = STARTUP_NO;
cfg->conn_default.state = STATE_IGNORE;
- cfg->conn_default.policy = POLICY_ENCRYPT | POLICY_TUNNEL | POLICY_RSASIG |
- POLICY_PFS | POLICY_REAUTH;
+ cfg->conn_default.policy = POLICY_ENCRYPT | POLICY_TUNNEL | POLICY_RSASIG | POLICY_PFS ;
cfg->conn_default.ike = clone_str(ike_defaults, "ike_defaults");
cfg->conn_default.esp = clone_str(esp_defaults, "esp_defaults");
@@ -449,7 +448,7 @@ load_conn(starter_conn_t *conn, kw_list_t *kw, starter_config_t *cfg)
KW_POLICY_FLAG("no", "yes", POLICY_DONT_REKEY)
break;
case KW_REAUTH:
- KW_POLICY_FLAG("yes", "no", POLICY_REAUTH)
+ KW_POLICY_FLAG("no", "yes", POLICY_DONT_REAUTH)
break;
case KW_MODECONFIG:
KW_POLICY_FLAG("push", "pull", POLICY_MODECFG_PUSH)
diff --git a/src/starter/starterstroke.c b/src/starter/starterstroke.c
index 41f67c891..dc81acf8a 100644
--- a/src/starter/starterstroke.c
+++ b/src/starter/starterstroke.c
@@ -206,7 +206,7 @@ int starter_stroke_add_conn(starter_conn_t *conn)
}
else
{
- msg.add_conn.rekey.reauth = (conn->policy & POLICY_REAUTH);
+ msg.add_conn.rekey.reauth = (conn->policy & POLICY_DONT_REAUTH) == LEMPTY;
msg.add_conn.rekey.ipsec_lifetime = conn->sa_ipsec_life_seconds;
msg.add_conn.rekey.ike_lifetime = conn->sa_ike_life_seconds;
msg.add_conn.rekey.margin = conn->sa_rekey_margin;
generated by cgit v1.2.3 (git 2.25.1) at 2025-09-12 23:31:09 +0000