Navigation

Changeset 4659

Timestamp:

11/14/08 15:05:47 (2 months ago)

Author:

martin

Message:

fallback to reauthentication if peer does not support CHILD_SA rekeying

Files:

r3589	r4659
24	24	#include <sa/tasks/child_delete.h>
25	25	#include <processing/jobs/rekey_child_sa_job.h>
	26	#include <processing/jobs/rekey_ike_sa_job.h>
26	27
27	28
…	…
178	179	u_int32_t spi;
179	180	child_sa_t *to_delete;
	181	iterator_t *iterator;
	182	payload_t *payload;
	183
	184	/* handle NO_ADDITIONAL_SAS notify */
	185	iterator = message->get_payload_iterator(message);
	186	while (iterator->iterate(iterator, (void**)&payload))
	187	{
	188	if (payload->get_type(payload) == NOTIFY)
	189	{
	190	notify_payload_t notify = (notify_payload_t)payload;
	191
	192	if (notify->get_notify_type(notify) == NO_ADDITIONAL_SAS)
	193	{
	194	DBG1(DBG_IKE, "peer seems to not support CHILD_SA rekeying, "
	195	"starting reauthentication");
	196	this->child_sa->set_state(this->child_sa, CHILD_INSTALLED);
	197	charon->processor->queue_job(charon->processor,
	198	(job_t*)rekey_ike_sa_job_create(
	199	this->ike_sa->get_id(this->ike_sa), TRUE));
	200	iterator->destroy(iterator);
	201	return SUCCESS;
	202	}
	203	}
	204	}
	205	iterator->destroy(iterator);
180	206
181	207	if (this->child_create->task.process(&this->child_create->task, message) == NEED_MORE)

r4658	r4659
181	181	{
182	182	notify_payload_t notify = (notify_payload_t)payload;
183		~~notify_type_t type = notify->get_notify_type(notify);~~
184	183
185		if (~~type~~ == NO_ADDITIONAL_SAS)
	184	if (notify->get_notify_type(notify) == NO_ADDITIONAL_SAS)
186	185	{
187	186	DBG1(DBG_IKE, "peer seems to not support IKE rekeying, "