summaryrefslogtreecommitdiff
path: root/src/libcharon/sa/ikev1/tasks/quick_mode.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/libcharon/sa/ikev1/tasks/quick_mode.c')
-rw-r--r--src/libcharon/sa/ikev1/tasks/quick_mode.c24
1 files changed, 18 insertions, 6 deletions
diff --git a/src/libcharon/sa/ikev1/tasks/quick_mode.c b/src/libcharon/sa/ikev1/tasks/quick_mode.c
index 77592e59a..5e5b61e7f 100644
--- a/src/libcharon/sa/ikev1/tasks/quick_mode.c
+++ b/src/libcharon/sa/ikev1/tasks/quick_mode.c
@@ -1,6 +1,6 @@
/*
* Copyright (C) 2012-2015 Tobias Brunner
- * Hochschule fuer Technik Rapperswil
+ * HSR Hochschule fuer Technik Rapperswil
*
* Copyright (C) 2011 Martin Willi
* Copyright (C) 2011 revosec AG
@@ -1005,14 +1005,25 @@ static bool has_notify_errors(private_quick_mode_t *this, message_t *message)
/**
* Check if this is a rekey for an existing CHILD_SA, reuse reqid if so
*/
-static void check_for_rekeyed_child(private_quick_mode_t *this)
+static void check_for_rekeyed_child(private_quick_mode_t *this, bool responder)
{
enumerator_t *enumerator, *policies;
- traffic_selector_t *local, *remote;
+ traffic_selector_t *local, *remote, *my_ts, *other_ts;
child_sa_t *child_sa;
proposal_t *proposal;
char *name;
+ if (responder)
+ {
+ my_ts = this->tsr;
+ other_ts = this->tsi;
+ }
+ else
+ {
+ my_ts = this->tsi;
+ other_ts = this->tsr;
+ }
+
name = this->config->get_name(this->config);
enumerator = this->ike_sa->create_child_sa_enumerator(this->ike_sa);
while (this->reqid == 0 && enumerator->enumerate(enumerator, &child_sa))
@@ -1026,8 +1037,8 @@ static void check_for_rekeyed_child(private_quick_mode_t *this)
case CHILD_REKEYING:
policies = child_sa->create_policy_enumerator(child_sa);
if (policies->enumerate(policies, &local, &remote) &&
- local->equals(local, this->tsr) &&
- remote->equals(remote, this->tsi) &&
+ local->equals(local, my_ts) &&
+ remote->equals(remote, other_ts) &&
this->proposal->equals(this->proposal, proposal))
{
this->reqid = child_sa->get_reqid(child_sa);
@@ -1165,7 +1176,7 @@ METHOD(task_t, process_r, status_t,
}
}
- check_for_rekeyed_child(this);
+ check_for_rekeyed_child(this, TRUE);
this->child_sa = child_sa_create(
this->ike_sa->get_my_host(this->ike_sa),
@@ -1366,6 +1377,7 @@ METHOD(task_t, process_i, status_t,
{
return send_notify(this, INVALID_PAYLOAD_TYPE);
}
+ check_for_rekeyed_child(this, FALSE);
if (!install(this))
{
return send_notify(this, NO_PROPOSAL_CHOSEN);
generated by cgit v1.2.3 (git 2.39.1) at 2024-11-09 19:42:04 +0000