fixed bug which prevented port float when nat is detected
[strongswan.git] / src / charon / sa / transactions / ike_sa_init.c
index b86420c..6f52f42 100644 (file)
@@ -775,7 +775,7 @@ static status_t get_response(private_ike_sa_init_t *this,
        if (this->ike_sa->derive_keys(this->ike_sa, this->proposal, 
                                                                  this->diffie_hellman, 
                                                                  this->nonce_i, this->nonce_r,
-                                                                 FALSE, NULL) != SUCCESS)
+                                                                 FALSE, NULL, NULL) != SUCCESS)
        {
                notify_payload_t *notify = notify_payload_create();
                notify->set_notify_type(notify, NO_PROPOSAL_CHOSEN);
@@ -1005,8 +1005,16 @@ static status_t conclude(private_ike_sa_init_t *this, message_t *response,
                }
                if (this->ike_sa->is_natt_enabled(this->ike_sa))
                {
+                       /* update host in IKE_SA */
+                       me = this->ike_sa->get_my_host(this->ike_sa);
+                       me = me->clone(me);
                        me->set_port(me, IKEV2_NATT_PORT);
+                       this->ike_sa->set_my_host(this->ike_sa, me);
+                       other = this->ike_sa->get_other_host(this->ike_sa);
+                       other = other->clone(other);
                        other->set_port(other, IKEV2_NATT_PORT);
+                       this->ike_sa->set_other_host(this->ike_sa, other);
+                       
                        this->logger->log(this->logger, CONTROL|LEVEL1, "switching to port %d", IKEV2_NATT_PORT);
                }
        }
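Review bot: The clone-and-set sequences added to the `is_natt_enabled` branch of conclude() do not document who owns the cloned hosts: `me->clone(me)` and `other->clone(other)` create new objects that are passed to `set_my_host`/`set_other_host`, and nothing visible in the hunk shows whether those setters destroy the host they replace. If they do take ownership, I would widen the comment to say so, e.g. `/* float to the NAT-T port: clone because the IKE_SA owns the originals; set_*_host() takes ownership of the clones */`; if they do not free the replaced host, the previous host objects would leak each time NAT is detected. The locals `me` and `other` are also reassigned here, so whatever they pointed to earlier in conclude() is no longer reachable through them, and any later use sees objects held by the IKE_SA. conclude() starts and ends outside this hunk, so both points need checking against the full function.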
@@ -1019,7 +1027,7 @@ static status_t conclude(private_ike_sa_init_t *this, message_t *response,
        if (this->ike_sa->derive_keys(this->ike_sa, this->proposal, 
                                                                  this->diffie_hellman, 
                                                                  this->nonce_i, this->nonce_r,
-                                                                 TRUE, NULL) != SUCCESS)
+                                                                 TRUE, NULL, NULL) != SUCCESS)
        {
                this->logger->log(this->logger, AUDIT, 
                                                  "transform objects could not be created from selected proposal, deleting IKE_SA");