diff options
| -rw-r--r-- | NEWS | 3 | ||||
| -rw-r--r-- | src/libcharon/sa/tasks/ike_auth.c | 3 |
2 files changed, 4 insertions, 2 deletions
@@ -42,7 +42,8 @@ strongswan-4.5.1 xcbc algorithms. - The IKEv2 daemon supports the INITIAL_CONTACT notify as initiator and - responder. + responder. The notify is sent when initiating configurations with a unique + policy, set in ipsec.conf via the global 'uniqueids' option. - The conftest conformance testing framework enables the IKEv2 stack to perform many tests using a distinct tool and configuration frontend. Various hooks diff --git a/src/libcharon/sa/tasks/ike_auth.c b/src/libcharon/sa/tasks/ike_auth.c index e48916eb2..178989a0a 100644 --- a/src/libcharon/sa/tasks/ike_auth.c +++ b/src/libcharon/sa/tasks/ike_auth.c @@ -429,7 +429,8 @@ static status_t build_i(private_ike_auth_t *this, message_t *message) get_reserved_id_bytes(this, id_payload); message->add_payload(message, (payload_t*)id_payload); - if (idr && message->get_message_id(message)) + if (idr && message->get_message_id(message) == 1 && + this->peer_cfg->get_unique_policy(this->peer_cfg) != UNIQUE_NO) { host_t *host; |