diff options
Diffstat (limited to 'src/charon/sa')
| -rw-r--r-- | src/charon/sa/child_sa.c | 10 | ||||
| -rw-r--r-- | src/charon/sa/ike_sa.c | 4 | ||||
| -rw-r--r-- | src/charon/sa/task_manager.c | 11 | ||||
| -rw-r--r-- | src/charon/sa/tasks/ike_mobike.c | 15 |
4 files changed, 25 insertions, 15 deletions
diff --git a/src/charon/sa/child_sa.c b/src/charon/sa/child_sa.c index 118af3b30..44f0298d5 100644 --- a/src/charon/sa/child_sa.c +++ b/src/charon/sa/child_sa.c @@ -832,6 +832,16 @@ static status_t update_hosts(private_child_sa_t *this, { policy->other_ts->set_address(policy->other_ts, other); } + + /* we reinstall the virtual IP to handle interface romaing + * correctly */ + if (this->virtual_ip) + { + charon->kernel_interface->del_ip(charon->kernel_interface, + this->virtual_ip); + charon->kernel_interface->add_ip(charon->kernel_interface, + this->virtual_ip, me); + } /* reinstall updated policies */ charon->kernel_interface->add_policy(charon->kernel_interface, diff --git a/src/charon/sa/ike_sa.c b/src/charon/sa/ike_sa.c index 380fec1de..0c0e1792c 100644 --- a/src/charon/sa/ike_sa.c +++ b/src/charon/sa/ike_sa.c @@ -664,14 +664,14 @@ static void set_virtual_ip(private_ike_sa_t *this, bool local, host_t *ip) { if (local) { - DBG1(DBG_IKE, "installing new virtual IP %H", ip); if (this->my_virtual_ip) - { + { DBG1(DBG_IKE, "removing old virtual IP %H", this->my_virtual_ip); charon->kernel_interface->del_ip(charon->kernel_interface, this->my_virtual_ip); this->my_virtual_ip->destroy(this->my_virtual_ip); } + DBG1(DBG_IKE, "installing new virtual IP %H", ip); if (charon->kernel_interface->add_ip(charon->kernel_interface, ip, this->my_host) == SUCCESS) { diff --git a/src/charon/sa/task_manager.c b/src/charon/sa/task_manager.c index a44f88b15..30e870422 100644 --- a/src/charon/sa/task_manager.c +++ b/src/charon/sa/task_manager.c @@ -809,10 +809,17 @@ static status_t process_message(private_task_manager_t *this, message_t *msg) } else if ((mid == this->responding.mid - 1) && this->responding.packet) { + packet_t *clone; + host_t *me, *other; + DBG1(DBG_IKE, "received retransmit of request with ID %d, " "retransmitting response", mid); - charon->sender->send(charon->sender, - this->responding.packet->clone(this->responding.packet)); + clone = this->responding.packet->clone(this->responding.packet); + me = msg->get_destination(msg); + other = msg->get_source(msg); + clone->set_source(clone, me->clone(me)); + clone->set_destination(clone, other->clone(other)); + charon->sender->send(charon->sender, clone); } else { diff --git a/src/charon/sa/tasks/ike_mobike.c b/src/charon/sa/tasks/ike_mobike.c index aee75fbdb..a32f7e5e0 100644 --- a/src/charon/sa/tasks/ike_mobike.c +++ b/src/charon/sa/tasks/ike_mobike.c @@ -217,17 +217,6 @@ static void update_children(private_ike_mobike_t *this) { iterator_t *iterator; child_sa_t *child_sa; - host_t *ip; - - /* additionally, we reinstall the virtual IP as we may have changed - * our interface */ - ip = this->ike_sa->get_virtual_ip(this->ike_sa, TRUE); - if (ip) - { - ip = ip->clone(ip); - this->ike_sa->set_virtual_ip(this->ike_sa, TRUE, ip); - ip->destroy(ip); - } iterator = this->ike_sa->create_child_sa_iterator(this->ike_sa); while (iterator->iterate(iterator, (void**)&child_sa)) @@ -279,6 +268,7 @@ static void transmit(private_ike_mobike_t *this, packet_t *packet) other = other->clone(other); other->set_port(other, other->ip_equals(other, other_old) ? other_old->get_port(other_old) : IKEV2_NATT_PORT); + DBG1(DBG_IKE, "checking path %#H - %#H", me, other); copy = packet->clone(packet); copy->set_source(copy, me); copy->set_destination(copy, other); @@ -286,6 +276,9 @@ static void transmit(private_ike_mobike_t *this, packet_t *packet) } } iterator->destroy(iterator); + me = packet->get_source(packet); + other = packet->get_destination(packet); + DBG1(DBG_IKE, "checking path %#H - %#H", me, other); } /** |