ikev1: Defer Mode Config push after CHILD adoption and reauth detection
authorMartin Willi <martin@revosec.ch>
Mon, 7 Jul 2014 08:42:11 +0000 (10:42 +0200)
committerMartin Willi <martin@revosec.ch>
Mon, 25 Aug 2014 07:55:44 +0000 (09:55 +0200)
commit891bbbd4bb8d3ef19e48ecbdb79d8b8a20007749
tree6de8154954ec18312b9776e98f9dff980640085e
parent898c8b12f93a2b872d76a3eececce113bf61ee52
ikev1: Defer Mode Config push after CHILD adoption and reauth detection

When an initiator starts reauthentication on a connection that uses push
mode to assign a virtual IP, we can't execute the Mode Config before releasing
the virtual IP. Otherwise we would request a new and different lease, which
the client probably can't handle. Defer Mode Config execution, so the same IP
gets first released then reassigned during reauthentication.
src/libcharon/sa/ikev1/tasks/aggressive_mode.c
src/libcharon/sa/ikev1/tasks/main_mode.c