diff options
Diffstat (limited to 'src/libcharon/sa/ikev2/tasks/ike_auth.c')
-rw-r--r-- | src/libcharon/sa/ikev2/tasks/ike_auth.c | 23 |
1 files changed, 6 insertions, 17 deletions
diff --git a/src/libcharon/sa/ikev2/tasks/ike_auth.c b/src/libcharon/sa/ikev2/tasks/ike_auth.c index 79a436fbf..036910d0e 100644 --- a/src/libcharon/sa/ikev2/tasks/ike_auth.c +++ b/src/libcharon/sa/ikev2/tasks/ike_auth.c @@ -186,7 +186,7 @@ static status_t collect_other_init_data(private_ike_auth_t *this, */ static void get_reserved_id_bytes(private_ike_auth_t *this, id_payload_t *id) { - u_int8_t *byte; + uint8_t *byte; int i; for (i = 0; i < countof(this->reserved); i++) @@ -564,6 +564,10 @@ METHOD(task_t, process_r, status_t, this->ike_sa->enable_extension(this->ike_sa, EXT_EAP_ONLY_AUTHENTICATION); } + if (message->get_notify(message, INITIAL_CONTACT)) + { + this->initial_contact = TRUE; + } } if (this->other_auth == NULL) @@ -652,14 +656,6 @@ METHOD(task_t, process_r, status_t, return NEED_MORE; } - /* If authenticated (with non-EAP) and received INITIAL_CONTACT, - * delete any existing IKE_SAs with that peer. */ - if (message->get_message_id(message) == 1 && - message->get_notify(message, INITIAL_CONTACT)) - { - this->initial_contact = TRUE; - } - /* another auth round done, invoke authorize hook */ if (!charon->bus->authorize(charon->bus, FALSE)) { @@ -749,13 +745,6 @@ METHOD(task_t, build_r, status_t, get_reserved_id_bytes(this, id_payload); message->add_payload(message, (payload_t*)id_payload); - if (this->initial_contact) - { - charon->ike_sa_manager->check_uniqueness(charon->ike_sa_manager, - this->ike_sa, TRUE); - this->initial_contact = FALSE; - } - if ((uintptr_t)cfg->get(cfg, AUTH_RULE_AUTH_CLASS) == AUTH_CLASS_EAP) { /* EAP-only authentication */ if (!this->ike_sa->supports_extension(this->ike_sa, @@ -830,7 +819,7 @@ METHOD(task_t, build_r, status_t, } if (charon->ike_sa_manager->check_uniqueness(charon->ike_sa_manager, - this->ike_sa, FALSE)) + this->ike_sa, this->initial_contact)) { DBG1(DBG_IKE, "cancelling IKE_SA setup due to uniqueness policy"); charon->bus->alert(charon->bus, ALERT_UNIQUE_KEEP); |