ike: Reuse interface ID during CHILD_SA rekeyings
[strongswan.git] / src / libcharon / sa / ikev1 / tasks / quick_mode.c
index 876b99e..59f049d 100644 (file)
@@ -1,5 +1,5 @@
 /*
- * Copyright (C) 2012-2015 Tobias Brunner
+ * Copyright (C) 2012-2019 Tobias Brunner
  * HSR Hochschule fuer Technik Rapperswil
  *
  * Copyright (C) 2011 Martin Willi
@@ -158,12 +158,22 @@ struct private_quick_mode_t {
        /**
         * Explicit inbound mark value to use, if any
         */
-       u_int mark_in;
+       uint32_t mark_in;
 
        /**
-        * Explicit inbound mark value to use, if any
+        * Explicit outbound mark value to use, if any
+        */
+       uint32_t mark_out;
+
+       /**
+        * Explicit inbound interface ID to use, if any
+        */
+       uint32_t if_id_in;
+
+       /**
+        * Explicit outbound interface ID to use, if any
         */
-       u_int mark_out;
+       uint32_t if_id_out;
 
        /**
         * SPI of SA we rekey
@@ -846,7 +856,7 @@ METHOD(task_t, build_i, status_t,
                                                                        this->ike_sa->get_other_host(this->ike_sa),
                                                                        this->config, this->reqid, this->udp,
                                                                        this->mark_in, this->mark_out,
-                                                                       0, 0);
+                                                                       this->if_id_in, this->if_id_out);
 
                        if (this->udp && this->mode == MODE_TRANSPORT)
                        {
@@ -1048,6 +1058,8 @@ static void check_for_rekeyed_child(private_quick_mode_t *this, bool responder)
                                                                                                                        TRUE).value;
                                                this->mark_out = child_sa->get_mark(child_sa,
                                                                                                                        FALSE).value;
+                                               this->if_id_in = child_sa->get_if_id(child_sa, TRUE);
+                                               this->if_id_out = child_sa->get_if_id(child_sa, FALSE);
                                                child_sa->set_state(child_sa, CHILD_REKEYING);
                                                DBG1(DBG_IKE, "detected rekeying of CHILD_SA %s{%u}",
                                                         child_sa->get_name(child_sa),
@@ -1187,7 +1199,7 @@ METHOD(task_t, process_r, status_t,
                                                                        this->ike_sa->get_other_host(this->ike_sa),
                                                                        this->config, this->reqid, this->udp,
                                                                        this->mark_in, this->mark_out,
-                                                                       0, 0);
+                                                                       this->if_id_in, this->if_id_out);
 
                        tsi = linked_list_create_with_items(this->tsi, NULL);
                        tsr = linked_list_create_with_items(this->tsr, NULL);
@@ -1414,12 +1426,19 @@ METHOD(quick_mode_t, use_reqid, void,
 }
 
 METHOD(quick_mode_t, use_marks, void,
-       private_quick_mode_t *this, u_int in, u_int out)
+       private_quick_mode_t *this, uint32_t in, uint32_t out)
 {
        this->mark_in = in;
        this->mark_out = out;
 }
 
+METHOD(quick_mode_t, use_if_ids, void,
+       private_quick_mode_t *this, uint32_t in, uint32_t out)
+{
+       this->if_id_in = in;
+       this->if_id_out = out;
+}
+
 METHOD(quick_mode_t, rekey, void,
        private_quick_mode_t *this, uint32_t spi)
 {
@@ -1450,6 +1469,8 @@ METHOD(task_t, migrate, void,
        this->spi_r = 0;
        this->mark_in = 0;
        this->mark_out = 0;
+       this->if_id_in = 0;
+       this->if_id_out = 0;
 
        if (!this->initiator)
        {
@@ -1490,6 +1511,7 @@ quick_mode_t *quick_mode_create(ike_sa_t *ike_sa, child_cfg_t *config,
                        .get_mid = _get_mid,
                        .use_reqid = _use_reqid,
                        .use_marks = _use_marks,
+                       .use_if_ids = _use_if_ids,
                        .rekey = _rekey,
                },
                .ike_sa = ike_sa,