aboutsummaryrefslogtreecommitdiffstats
path: root/src
diff options
context:
space:
mode:
Diffstat (limited to 'src')
-rw-r--r--src/libcharon/sa/ikev1/tasks/aggressive_mode.c30
-rw-r--r--src/libcharon/sa/ikev1/tasks/main_mode.c26
2 files changed, 28 insertions, 28 deletions
diff --git a/src/libcharon/sa/ikev1/tasks/aggressive_mode.c b/src/libcharon/sa/ikev1/tasks/aggressive_mode.c
index 8fa2d525e..1b6ccc558 100644
--- a/src/libcharon/sa/ikev1/tasks/aggressive_mode.c
+++ b/src/libcharon/sa/ikev1/tasks/aggressive_mode.c
@@ -293,14 +293,6 @@ METHOD(task_t, build_i, status_t,
}
this->id_data = chunk_empty;
- if (charon->ike_sa_manager->check_uniqueness(charon->ike_sa_manager,
- this->ike_sa, FALSE))
- {
- DBG1(DBG_IKE, "cancelling Aggressive Mode due to uniqueness "
- "policy");
- return send_notify(this, AUTHENTICATION_FAILED);
- }
-
switch (this->method)
{
case AUTH_XAUTH_INIT_PSK:
@@ -314,6 +306,13 @@ METHOD(task_t, build_i, status_t,
/* TODO-IKEv1: not yet */
return FAILED;
default:
+ if (charon->ike_sa_manager->check_uniqueness(
+ charon->ike_sa_manager, this->ike_sa, FALSE))
+ {
+ DBG1(DBG_IKE, "cancelling Aggressive Mode due to "
+ "uniqueness policy");
+ return send_notify(this, AUTHENTICATION_FAILED);
+ }
if (!establish(this))
{
return send_notify(this, AUTHENTICATION_FAILED);
@@ -466,14 +465,6 @@ METHOD(task_t, process_r, status_t,
return send_delete(this);
}
- if (charon->ike_sa_manager->check_uniqueness(charon->ike_sa_manager,
- this->ike_sa, FALSE))
- {
- DBG1(DBG_IKE, "cancelling Aggressive Mode due to uniqueness "
- "policy");
- return send_delete(this);
- }
-
switch (this->method)
{
case AUTH_XAUTH_INIT_PSK:
@@ -488,6 +479,13 @@ METHOD(task_t, process_r, status_t,
/* TODO-IKEv1: not yet supported */
return FAILED;
default:
+ if (charon->ike_sa_manager->check_uniqueness(
+ charon->ike_sa_manager, this->ike_sa, FALSE))
+ {
+ DBG1(DBG_IKE, "cancelling Aggressive Mode due to "
+ "uniqueness policy");
+ return send_delete(this);
+ }
if (!establish(this))
{
return send_delete(this);
diff --git a/src/libcharon/sa/ikev1/tasks/main_mode.c b/src/libcharon/sa/ikev1/tasks/main_mode.c
index 419c9d36d..11bdc1d2a 100644
--- a/src/libcharon/sa/ikev1/tasks/main_mode.c
+++ b/src/libcharon/sa/ikev1/tasks/main_mode.c
@@ -493,12 +493,6 @@ METHOD(task_t, build_r, status_t,
{
return send_notify(this, AUTHENTICATION_FAILED);
}
- if (charon->ike_sa_manager->check_uniqueness(charon->ike_sa_manager,
- this->ike_sa, FALSE))
- {
- DBG1(DBG_IKE, "cancelling Main Mode due to uniqueness policy");
- return send_notify(this, AUTHENTICATION_FAILED);
- }
switch (this->method)
{
@@ -514,6 +508,13 @@ METHOD(task_t, build_r, status_t,
/* TODO-IKEv1: not yet supported */
return FAILED;
default:
+ if (charon->ike_sa_manager->check_uniqueness(
+ charon->ike_sa_manager, this->ike_sa, FALSE))
+ {
+ DBG1(DBG_IKE, "cancelling Main Mode due to uniqueness "
+ "policy");
+ return send_notify(this, AUTHENTICATION_FAILED);
+ }
if (!establish(this))
{
return send_notify(this, AUTHENTICATION_FAILED);
@@ -622,12 +623,6 @@ METHOD(task_t, process_i, status_t,
"cancelling");
return send_delete(this);
}
- if (charon->ike_sa_manager->check_uniqueness(charon->ike_sa_manager,
- this->ike_sa, FALSE))
- {
- DBG1(DBG_IKE, "cancelling Main Mode due to uniqueness policy");
- return send_delete(this);
- }
switch (this->method)
{
@@ -642,6 +637,13 @@ METHOD(task_t, process_i, status_t,
/* TODO-IKEv1: not yet */
return FAILED;
default:
+ if (charon->ike_sa_manager->check_uniqueness(
+ charon->ike_sa_manager, this->ike_sa, FALSE))
+ {
+ DBG1(DBG_IKE, "cancelling Main Mode due to uniqueness "
+ "policy");
+ return send_delete(this);
+ }
if (!establish(this))
{
return send_delete(this);
generated by cgit v1.2.3 (git 2.25.1) at 2025-09-15 12:06:01 +0000