From f7a8fcedc0305dfca7d82adba03c88401240d039 Mon Sep 17 00:00:00 2001 From: Tobias Brunner Date: Wed, 16 Nov 2011 17:28:06 +0100 Subject: Use enum to define IKE version on peer_cfg_t. Replaced all those magic numbers. --- src/libcharon/plugins/android/android_service.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'src/libcharon/plugins/android/android_service.c') diff --git a/src/libcharon/plugins/android/android_service.c b/src/libcharon/plugins/android/android_service.c index 487567f2a..96603ab29 100644 --- a/src/libcharon/plugins/android/android_service.c +++ b/src/libcharon/plugins/android/android_service.c @@ -273,7 +273,7 @@ static job_requeue_t initiate(private_android_service_t *this) hostname, IKEV2_UDP_PORT); ike_cfg->add_proposal(ike_cfg, proposal_create_default(PROTO_IKE)); - peer_cfg = peer_cfg_create("android", 2, ike_cfg, CERT_SEND_IF_ASKED, + peer_cfg = peer_cfg_create("android", IKEV2, ike_cfg, CERT_SEND_IF_ASKED, UNIQUE_REPLACE, 1, /* keyingtries */ 36000, 0, /* rekey 10h, reauth none */ 600, 600, /* jitter, over 10min */ -- cgit v1.2.3 From 3d54ae94d935fa60b3f3228e7a0ad1ba92092e84 Mon Sep 17 00:00:00 2001 From: Martin Willi Date: Wed, 21 Dec 2011 12:05:34 +0100 Subject: Handle initiation of not supported IKE versions properly --- src/libcharon/plugins/android/android_service.c | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) (limited to 'src/libcharon/plugins/android/android_service.c') diff --git a/src/libcharon/plugins/android/android_service.c b/src/libcharon/plugins/android/android_service.c index 96603ab29..8aba925a2 100644 --- a/src/libcharon/plugins/android/android_service.c +++ b/src/libcharon/plugins/android/android_service.c @@ -300,12 +300,17 @@ static job_requeue_t initiate(private_android_service_t *this) 0, "255.255.255.255", 65535); child_cfg->add_traffic_selector(child_cfg, FALSE, ts); peer_cfg->add_child_cfg(peer_cfg, child_cfg); - /* get an additional reference because initiate consumes one */ - child_cfg->get_ref(child_cfg); /* get us an IKE_SA */ ike_sa = charon->ike_sa_manager->checkout_by_config(charon->ike_sa_manager, peer_cfg); + if (!ike_sa) + { + peer_cfg->destroy(peer_cfg); + send_status(this, VPN_ERROR_CONNECTION_FAILED); + return JOB_REQUEUE_NONE; + } + if (!ike_sa->get_peer_cfg(ike_sa)) { ike_sa->set_peer_cfg(ike_sa, peer_cfg); @@ -318,6 +323,8 @@ static job_requeue_t initiate(private_android_service_t *this) /* confirm that we received the request */ send_status(this, i); + /* get an additional reference because initiate consumes one */ + child_cfg->get_ref(child_cfg); if (ike_sa->initiate(ike_sa, child_cfg, 0, NULL, NULL) != SUCCESS) { DBG1(DBG_CFG, "failed to initiate tunnel"); -- cgit v1.2.3 From 5ce59d4c06e000079779fc66cdf9d14995247f3d Mon Sep 17 00:00:00 2001 From: Martin Willi Date: Mon, 9 Jan 2012 16:32:41 +0000 Subject: Added an aggressive mode peer_cfg option --- src/libcharon/plugins/android/android_service.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'src/libcharon/plugins/android/android_service.c') diff --git a/src/libcharon/plugins/android/android_service.c b/src/libcharon/plugins/android/android_service.c index 8aba925a2..62fd52b12 100644 --- a/src/libcharon/plugins/android/android_service.c +++ b/src/libcharon/plugins/android/android_service.c @@ -277,7 +277,7 @@ static job_requeue_t initiate(private_android_service_t *this) UNIQUE_REPLACE, 1, /* keyingtries */ 36000, 0, /* rekey 10h, reauth none */ 600, 600, /* jitter, over 10min */ - TRUE, 0, /* mobike, DPD */ + TRUE, FALSE, 0, /* mobike, aggressive, DPD */ host_create_from_string("0.0.0.0", 0) /* virt */, NULL, FALSE, NULL, NULL); /* pool, mediation */ -- cgit v1.2.3