aboutsummaryrefslogtreecommitdiffstats
path: root/src
diff options
context:
space:
mode:
Diffstat (limited to 'src')
-rw-r--r--src/charon/sa/tasks/ike_rekey.c28
1 files changed, 27 insertions, 1 deletions
diff --git a/src/charon/sa/tasks/ike_rekey.c b/src/charon/sa/tasks/ike_rekey.c
index 242f2098d..60410dbd1 100644
--- a/src/charon/sa/tasks/ike_rekey.c
+++ b/src/charon/sa/tasks/ike_rekey.c
@@ -144,7 +144,7 @@ static status_t build_r(private_ike_rekey_t *this, message_t *message)
message->add_notify(message, TRUE, NO_PROPOSAL_CHOSEN, chunk_empty);
return SUCCESS;
}
-
+
if (this->ike_init->task.build(&this->ike_init->task, message) == FAILED)
{
return SUCCESS;
@@ -170,7 +170,33 @@ static status_t process_i(private_ike_rekey_t *this, message_t *message)
{
job_t *job;
ike_sa_id_t *to_delete;
+ iterator_t *iterator;
+ payload_t *payload;
+ /* handle NO_ADDITIONAL_SAS notify */
+ iterator = message->get_payload_iterator(message);
+ while (iterator->iterate(iterator, (void**)&payload))
+ {
+ if (payload->get_type(payload) == NOTIFY)
+ {
+ notify_payload_t *notify = (notify_payload_t*)payload;
+ notify_type_t type = notify->get_notify_type(notify);
+
+ if (type == NO_ADDITIONAL_SAS)
+ {
+ DBG1(DBG_IKE, "peer seems to not support IKE rekeying, "
+ "starting reauthentication");
+ this->ike_sa->set_state(this->ike_sa, IKE_ESTABLISHED);
+ charon->processor->queue_job(charon->processor,
+ (job_t*)rekey_ike_sa_job_create(
+ this->ike_sa->get_id(this->ike_sa), TRUE));
+ iterator->destroy(iterator);
+ return SUCCESS;
+ }
+ }
+ }
+ iterator->destroy(iterator);
+
switch (this->ike_init->task.process(&this->ike_init->task, message))
{
case FAILED:
generated by cgit v1.2.3 (git 2.25.1) at 2025-07-21 22:45:01 +0000