summaryrefslogtreecommitdiff
path: root/src/charon/sa/tasks/child_rekey.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/charon/sa/tasks/child_rekey.c')
-rw-r--r--src/charon/sa/tasks/child_rekey.c28
1 files changed, 27 insertions, 1 deletions
diff --git a/src/charon/sa/tasks/child_rekey.c b/src/charon/sa/tasks/child_rekey.c
index 3953951a3..e50ad33be 100644
--- a/src/charon/sa/tasks/child_rekey.c
+++ b/src/charon/sa/tasks/child_rekey.c
@@ -13,7 +13,7 @@
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* for more details.
*
- * $Id: child_rekey.c 3589 2008-03-13 14:14:44Z martin $
+ * $Id: child_rekey.c 4659 2008-11-14 14:05:47Z martin $
*/
#include "child_rekey.h"
@@ -23,6 +23,7 @@
#include <sa/tasks/child_create.h>
#include <sa/tasks/child_delete.h>
#include <processing/jobs/rekey_child_sa_job.h>
+#include <processing/jobs/rekey_ike_sa_job.h>
typedef struct private_child_rekey_t private_child_rekey_t;
@@ -177,6 +178,31 @@ static status_t process_i(private_child_rekey_t *this, message_t *message)
protocol_id_t protocol;
u_int32_t spi;
child_sa_t *to_delete;
+ iterator_t *iterator;
+ payload_t *payload;
+
+ /* handle NO_ADDITIONAL_SAS notify */
+ iterator = message->get_payload_iterator(message);
+ while (iterator->iterate(iterator, (void**)&payload))
+ {
+ if (payload->get_type(payload) == NOTIFY)
+ {
+ notify_payload_t *notify = (notify_payload_t*)payload;
+
+ if (notify->get_notify_type(notify) == NO_ADDITIONAL_SAS)
+ {
+ DBG1(DBG_IKE, "peer seems to not support CHILD_SA rekeying, "
+ "starting reauthentication");
+ this->child_sa->set_state(this->child_sa, CHILD_INSTALLED);
+ charon->processor->queue_job(charon->processor,
+ (job_t*)rekey_ike_sa_job_create(
+ this->ike_sa->get_id(this->ike_sa), TRUE));
+ iterator->destroy(iterator);
+ return SUCCESS;
+ }
+ }
+ }
+ iterator->destroy(iterator);
if (this->child_create->task.process(&this->child_create->task, message) == NEED_MORE)
{
generated by cgit v1.2.3 (git 2.39.1) at 2024-11-16 15:55:56 +0000