ikev1: Accept reauthentication attempts with a keep unique policy from same host
authorMartin Willi <martin@revosec.ch>
Wed, 18 Sep 2013 12:11:40 +0000 (14:11 +0200)
committerMartin Willi <martin@revosec.ch>
Mon, 30 Sep 2013 11:51:12 +0000 (13:51 +0200)
commitd2e4dd75b7967a7f2c024a1b4c2c1c916ea036ba
treeb3acaa3bd5add5da1b3b130aaa9491d31a3c2f37
parent9c19d7ca31f2a801935580f4b737f1ed3720f469
ikev1: Accept reauthentication attempts with a keep unique policy from same host

When we have a "keep" unique policy in place, we have to be less strict in
rejecting Main/Aggressive Modes to enforce it. If the host/port equals to
that of an existing ISAKMP SA, we assume it is a reauthentication attempt
and accept the new SA (to replace the old).
src/libcharon/sa/ike_sa_manager.c