Imported Upstream version 5.3.0

author: Yves-Alexis Perez <corsac@debian.org> 2015-04-11 22:03:59 +0200
committer: Yves-Alexis Perez <corsac@debian.org> 2015-04-11 22:03:59 +0200
commit: 83b8aebb19fe6e49e13a05d4e8f5ab9a06177642 (patch)
tree: 51255545ba43b84aa5d673bd0eb557cbd0155c9e /src/libcharon/sa/ike_sa.h
parent: 2b8de74ff4c334c25e89988c4a401b24b5bcf03d (diff)
download: vyos-strongswan-83b8aebb19fe6e49e13a05d4e8f5ab9a06177642.tar.gz
vyos-strongswan-83b8aebb19fe6e49e13a05d4e8f5ab9a06177642.zip
1 files changed, 8 insertions, 2 deletions
diff --git a/src/libcharon/sa/ike_sa.h b/src/libcharon/sa/ike_sa.h
index c72d87367..9dbc805c9 100644
--- a/src/libcharon/sa/ike_sa.h
+++ b/src/libcharon/sa/ike_sa.h
@@ -131,6 +131,11 @@ enum ike_extension_t {
 	 * peer supports proprietary IKEv1 or standardized IKEv2 fragmentation
 	 */
 	EXT_IKE_FRAGMENTATION = (1<<11),
+
+	/**
+	 * Signature Authentication, RFC 7427
+	 */
+	EXT_SIGNATURE_AUTH = (1<<12),
 };
 
 /**
@@ -936,8 +941,9 @@ struct ike_sa_t {
 	/**
 	 * Reauthenticate the IKE_SA.
 	 *
-	 * Create a completely new IKE_SA with authentication, recreates all children
-	 * within the IKE_SA, closes this IKE_SA.
+	 * Triggers a new IKE_SA that replaces this one. IKEv1 implicitly inherits
+	 * all Quick Modes, while IKEv2 recreates all active and queued CHILD_SAs
+	 * in the new IKE_SA.
 	 *
 	 * @return				DESTROY_ME to destroy the IKE_SA
 	 */
author	Yves-Alexis Perez <corsac@debian.org>	2015-04-11 22:03:59 +0200
committer	Yves-Alexis Perez <corsac@debian.org>	2015-04-11 22:03:59 +0200
commit	83b8aebb19fe6e49e13a05d4e8f5ab9a06177642 (patch)
tree	51255545ba43b84aa5d673bd0eb557cbd0155c9e /src/libcharon/sa/ike_sa.h
parent	2b8de74ff4c334c25e89988c4a401b24b5bcf03d (diff)
download	vyos-strongswan-83b8aebb19fe6e49e13a05d4e8f5ab9a06177642.tar.gz vyos-strongswan-83b8aebb19fe6e49e13a05d4e8f5ab9a06177642.zip