From d6ffa85feaf443afca66e77249159ef928e3d35e Mon Sep 17 00:00:00 2001 From: Tobias Brunner Date: Fri, 16 Sep 2016 17:37:59 +0200 Subject: ikev2: Negotiate support for IKE message ID synchronisation during IKE_AUTH --- src/libcharon/sa/ikev2/tasks/ike_auth.c | 7 +++++++ 1 file changed, 7 insertions(+) (limited to 'src/libcharon/sa/ikev2/tasks/ike_auth.c') diff --git a/src/libcharon/sa/ikev2/tasks/ike_auth.c b/src/libcharon/sa/ikev2/tasks/ike_auth.c index 1e47144dc..53daaf2ad 100644 --- a/src/libcharon/sa/ikev2/tasks/ike_auth.c +++ b/src/libcharon/sa/ikev2/tasks/ike_auth.c @@ -417,6 +417,9 @@ METHOD(task_t, build_i, status_t, /* indicate support for EAP-only authentication */ message->add_notify(message, FALSE, EAP_ONLY_AUTHENTICATION, chunk_empty); + /* indicate support for RFC 6311 Message ID synchronization */ + message->add_notify(message, FALSE, IKEV2_MESSAGE_ID_SYNC_SUPPORTED, + chunk_empty); } if (!this->do_another_auth && !this->my_auth) @@ -992,6 +995,10 @@ METHOD(task_t, process_i, status_t, DBG1(DBG_IKE, "received invalid REDIRECT notify"); } break; + case IKEV2_MESSAGE_ID_SYNC_SUPPORTED: + this->ike_sa->enable_extension(this->ike_sa, + EXT_IKE_MESSAGE_ID_SYNC); + break; default: { if (type <= 16383) -- cgit v1.2.3