aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--src/libcharon/sa/ike_sa.c15
1 files changed, 12 insertions, 3 deletions
diff --git a/src/libcharon/sa/ike_sa.c b/src/libcharon/sa/ike_sa.c
index 6ffbd55bd..3bfd149f2 100644
--- a/src/libcharon/sa/ike_sa.c
+++ b/src/libcharon/sa/ike_sa.c
@@ -487,8 +487,9 @@ METHOD(ike_sa_t, send_keepalive, void,
send_keepalive_job_t *job;
time_t last_out, now, diff;
- if (!(this->conditions & COND_NAT_HERE) || this->keepalive_interval == 0)
- { /* disable keep alives if we are not NATed anymore */
+ if (!(this->conditions & COND_NAT_HERE) || this->keepalive_interval == 0 ||
+ this->state == IKE_PASSIVE)
+ { /* disable keep alives if we are not NATed anymore, or we are passive */
return;
}
@@ -651,7 +652,7 @@ METHOD(ike_sa_t, get_state, ike_sa_state_t,
METHOD(ike_sa_t, set_state, void,
private_ike_sa_t *this, ike_sa_state_t state)
{
- bool trigger_dpd = FALSE;
+ bool trigger_dpd = FALSE, keepalives = FALSE;
DBG2(DBG_IKE, "IKE_SA %s[%d] state change: %N => %N",
get_name(this), this->unique_id,
@@ -722,6 +723,10 @@ METHOD(ike_sa_t, set_state, void,
* so yet, so prevent that. */
this->stats[STAT_INBOUND] = this->stats[STAT_ESTABLISHED];
}
+ if (this->state == IKE_PASSIVE)
+ {
+ keepalives = TRUE;
+ }
}
break;
}
@@ -742,6 +747,10 @@ METHOD(ike_sa_t, set_state, void,
DBG1(DBG_IKE, "DPD not supported by peer, disabled");
}
}
+ if (keepalives)
+ {
+ send_keepalive(this);
+ }
}
METHOD(ike_sa_t, reset, void,
generated by cgit v1.2.3 (git 2.25.1) at 2024-10-05 11:15:29 +0000