- some logging improvements and cosmetics
[strongswan.git] / src / charon / sa / states / ike_auth_requested.c
index 069f165..47cc16f 100644 (file)
@@ -184,6 +184,7 @@ static status_t process_message(private_ike_auth_requested_t *this, message_t *i
        signer_t *signer = NULL;
        status_t status;
        host_t *my_host, *other_host;
+       identification_t *my_id, *other_id;
        chunk_t seed;
        prf_plus_t *prf_plus;
        connection_t *connection;
@@ -361,8 +362,11 @@ static status_t process_message(private_ike_auth_requested_t *this, message_t *i
        connection = this->ike_sa->get_connection(this->ike_sa);
        my_host = connection->get_my_host(connection);
        other_host = connection->get_other_host(connection);
-       this->logger->log(this->logger, AUDIT, "IKE_SA established between %s - %s", 
-                                         my_host->get_address(my_host), other_host->get_address(other_host));
+       my_id = connection->get_my_id(connection);
+       other_id = connection->get_other_id(connection);
+       this->logger->log(this->logger, AUDIT, "IKE_SA established %s[%s]...%s[%s]", 
+                                         my_host->get_address(my_host), my_id->get_string(my_id),
+                                         other_host->get_address(other_host), other_id->get_string(other_id));
        
        return SUCCESS;
 }
@@ -521,19 +525,33 @@ static status_t process_notify_payload(private_ike_auth_requested_t *this, notif
                case INVALID_SYNTAX:
                {
                        this->logger->log(this->logger, AUDIT, "IKE_AUTH reply contained an INVALID_SYNTAX notify. Deleting IKE_SA");
-                       return DESTROY_ME;      
+                       return DESTROY_ME;
                        
                }
                case AUTHENTICATION_FAILED:
                {
                        this->logger->log(this->logger, AUDIT, "IKE_AUTH reply contained an AUTHENTICATION_FAILED notify. Deleting IKE_SA");
-                       return DESTROY_ME;      
+                       return DESTROY_ME;
                        
                }
                case SINGLE_PAIR_REQUIRED:
                {
                        this->logger->log(this->logger, AUDIT, "IKE_AUTH reply contained a SINGLE_PAIR_REQUIRED notify. Deleting IKE_SA");
-                       return DESTROY_ME;              
+                       return DESTROY_ME;
+               }
+               case TS_UNACCEPTABLE:
+               {
+                       /* TODO: We currently check only the replied TS payloads, which should be empty. Should
+                       * we interpret the notify additionaly? */
+                       this->logger->log(this->logger, CONTROL, "IKE_AUTH reply contained a TS_UNACCEPTABLE notify. Ignored");
+                       return SUCCESS;
+               }
+               case NO_PROPOSAL_CHOSEN:
+               {
+                       /* TODO: We currently check only the replied SA payload, which should be empty. Should
+                        * we interpret the notify additionaly? */
+                       this->logger->log(this->logger, CONTROL, "IKE_AUTH reply contained a NO_PROPOSAL_CHOSEN notify. Ignored");
+                       return SUCCESS;
                }
                default:
                {