Diffstat (limited to 'src/charon/sa/tasks/ike_rekey.c')
-rw-r--r-- | src/charon/sa/tasks/ike_rekey.c | 65 |
1 files changed, 48 insertions, 17 deletions
diff --git a/src/charon/sa/tasks/ike_rekey.c b/src/charon/sa/tasks/ike_rekey.c
index 6c4ef4354..28d63cca7 100644
--- a/src/charon/sa/tasks/ike_rekey.c
+++ b/src/charon/sa/tasks/ike_rekey.c
@@ -1,5 +1,5 @@
 /*
- * Copyright (C) 2005-2007 Martin Willi
+ * Copyright (C) 2005-2008 Martin Willi
 * Copyright (C) 2005 Jan Hutter
 * Hochschule fuer Technik Rapperswil
 *
@@ -13,7 +13,7 @@
 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
 * for more details.
 *
- * $Id: ike_rekey.c 4211 2008-07-23 18:46:34Z andreas $
+ * $Id: ike_rekey.c 4659 2008-11-14 14:05:47Z martin $
 */
 #include "ike_rekey.h"
@@ -144,7 +144,7 @@ static status_t build_r(private_ike_rekey_t *this, message_t *message)
 message->add_notify(message, TRUE, NO_PROPOSAL_CHOSEN, chunk_empty);
 return SUCCESS;
 }
-
+
 if (this->ike_init->task.build(&this->ike_init->task, message) == FAILED)
 {
 return SUCCESS;
@@ -152,13 +152,13 @@ static status_t build_r(private_ike_rekey_t *this, message_t *message)
 this->ike_sa->set_state(this->ike_sa, IKE_REKEYING);
 this->new_sa->set_state(this->new_sa, IKE_ESTABLISHED);
- SIG_IKE(UP_SUCCESS, "IKE_SA %s[%d] established between %H[%D]...%H[%D]",
- this->new_sa->get_name(this->new_sa),
- this->new_sa->get_unique_id(this->new_sa),
- this->ike_sa->get_my_host(this->ike_sa),
- this->ike_sa->get_my_id(this->ike_sa),
- this->ike_sa->get_other_host(this->ike_sa),
- this->ike_sa->get_other_id(this->ike_sa));
+ DBG0(DBG_IKE, "IKE_SA %s[%d] established between %H[%D]...%H[%D]",
+ this->new_sa->get_name(this->new_sa),
+ this->new_sa->get_unique_id(this->new_sa),
+ this->ike_sa->get_my_host(this->ike_sa),
+ this->ike_sa->get_my_id(this->ike_sa),
+ this->ike_sa->get_other_host(this->ike_sa),
+ this->ike_sa->get_other_id(this->ike_sa));
 return SUCCESS;
 }
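Review bot: Replacing `SIG_IKE(UP_SUCCESS, …)` with `DBG0(DBG_IKE, …)` at the end of build_r (and again in process_i, the `@@ -198,13 +223,13 @@` hunk) turns what looks like a bus signal into a plain log line, so any listener that relied on an up-success event to account for a rekeyed IKE_SA would presumably no longer see one; whether another hook replaces it is not visible in this file-limited diff. If the event is dropped on purpose, a one-line comment above the `DBG0` call such as `/* a rekeyed IKE_SA is only logged, not signalled as a new SA */` would record that decision. The message also pairs the name and unique id of `this->new_sa` with the hosts and identities of `this->ike_sa`; the commit does not change that, but it is worth confirming as intended while the line is being touched. build_r starts outside the hunk.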
@@ -170,7 +170,32 @@ static status_t process_i(private_ike_rekey_t *this, message_t *message)
 {
 job_t *job;
 ike_sa_id_t *to_delete;
+ iterator_t *iterator;
+ payload_t *payload;
+ /* handle NO_ADDITIONAL_SAS notify */
+ iterator = message->get_payload_iterator(message);
+ while (iterator->iterate(iterator, (void**)&payload))
+ {
+ if (payload->get_type(payload) == NOTIFY)
+ {
+ notify_payload_t *notify = (notify_payload_t*)payload;
+
+ if (notify->get_notify_type(notify) == NO_ADDITIONAL_SAS)
+ {
+ DBG1(DBG_IKE, "peer seems to not support IKE rekeying, "
+ "starting reauthentication");
+ this->ike_sa->set_state(this->ike_sa, IKE_ESTABLISHED);
+ charon->processor->queue_job(charon->processor,
+ (job_t*)rekey_ike_sa_job_create(
+ this->ike_sa->get_id(this->ike_sa), TRUE));
+ iterator->destroy(iterator);
+ return SUCCESS;
+ }
+ }
+ }
+ iterator->destroy(iterator);
+
 switch (this->ike_init->task.process(&this->ike_init->task, message))
 {
 case FAILED:
@@ -198,13 +223,13 @@ static status_t process_i(private_ike_rekey_t *this, message_t *message)
 }
 this->new_sa->set_state(this->new_sa, IKE_ESTABLISHED);
- SIG_IKE(UP_SUCCESS, "IKE_SA %s[%d] established between %H[%D]...%H[%D]",
- this->new_sa->get_name(this->new_sa),
- this->new_sa->get_unique_id(this->new_sa),
- this->ike_sa->get_my_host(this->ike_sa),
- this->ike_sa->get_my_id(this->ike_sa),
- this->ike_sa->get_other_host(this->ike_sa),
- this->ike_sa->get_other_id(this->ike_sa));
+ DBG0(DBG_IKE, "IKE_SA %s[%d] established between %H[%D]...%H[%D]",
+ this->new_sa->get_name(this->new_sa),
+ this->new_sa->get_unique_id(this->new_sa),
+ this->ike_sa->get_my_host(this->ike_sa),
+ this->ike_sa->get_my_id(this->ike_sa),
+ this->ike_sa->get_other_host(this->ike_sa),
+ this->ike_sa->get_other_id(this->ike_sa));
 to_delete = this->ike_sa->get_id(this->ike_sa);
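Review bot: The NO_ADDITIONAL_SAS branch at the top of process_i calls `this->ike_sa->set_state(this->ike_sa, IKE_ESTABLISHED)` unconditionally before queueing the reauthentication job, so whatever state the SA held when the response arrived is overwritten on the strength of a peer-supplied notify. If the SA can be in anything other than IKE_REKEYING at this point (a delete already in progress, for instance), the branch should check first, e.g. `if (this->ike_sa->get_state(this->ike_sa) == IKE_REKEYING)`; I cannot confirm that from the hunk, because build_i and the remainder of process_i lie outside it. The early return also skips the collision handling further down in process_i and relies on destroy() to release `this->new_sa`, which deserves a word in the comment. The current `/* handle NO_ADDITIONAL_SAS notify */` says what, not why; something like `/* peer refuses a second IKE_SA: fall back to reauthentication (TRUE) instead of failing the rekey */` would also explain the bare `TRUE` passed to `rekey_ike_sa_job_create`.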
@@ -242,6 +267,8 @@ static status_t process_i(private_ike_rekey_t *this, message_t *message)
 this->new_sa = other->new_sa;
 other->new_sa = NULL;
 }
+ /* set threads active IKE_SA after checkin */
+ charon->bus->set_sa(charon->bus, this->ike_sa);
 }
 job = (job_t*)delete_ike_sa_job_create(to_delete, TRUE);
@@ -277,6 +304,8 @@ static void migrate(private_ike_rekey_t *this, ike_sa_t *ike_sa)
 {
 charon->ike_sa_manager->checkin_and_destroy(charon->ike_sa_manager,
 this->new_sa);
+ /* set threads active IKE_SA after checkin */
+ charon->bus->set_sa(charon->bus, this->ike_sa);
 }
 DESTROY_IF(this->collision);
@@ -303,6 +332,8 @@ static void destroy(private_ike_rekey_t *this)
 charon->ike_sa_manager->checkin_and_destroy(charon->ike_sa_manager,
 this->new_sa);
 }
+ /* set threads active IKE_SA after checkin */
+ charon->bus->set_sa(charon->bus, this->ike_sa);
 }
 if (this->ike_init)
 {
|
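Review bot: In migrate (the `@@ -277,6 +304,8 @@` hunk) the bus is pointed back at `this->ike_sa`, while the function also receives an `ike_sa` parameter that is presumably the SA the task is being moved to; if `this->ike_sa` is only reassigned later in migrate, which continues outside the hunk, the thread's active SA is set to the one being left behind and later log output would be attributed to it. Please confirm which SA the calling thread holds at that point and use `charon->bus->set_sa(charon->bus, ike_sa);` if it is the new one. The same two lines are added in process_i and destroy, where the comment states what is done but not why; if the reason is that checking in `new_sa` resets the thread's SA on the bus, say so, e.g. `/* checkin resets the thread's active IKE_SA on the bus, restore it */` (and "threads" should read "thread's").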