Force port update as responder when initiator switches to 4500 in IKE_AUTH
authorMartin Willi <martin@revosec.ch>
Wed, 12 Jan 2011 12:54:46 +0000 (13:54 +0100)
committerMartin Willi <martin@revosec.ch>
Wed, 12 Jan 2011 13:37:15 +0000 (14:37 +0100)
src/libcharon/processing/jobs/update_sa_job.c
src/libcharon/sa/ike_sa.c
src/libcharon/sa/ike_sa.h
src/libcharon/sa/task_manager.c

index 17dce25..a88ce72 100644 (file)
@@ -71,7 +71,7 @@ static void execute(private_update_sa_job_t *this)
                if (ike_sa->has_condition(ike_sa, COND_NAT_THERE) &&
                        !ike_sa->has_condition(ike_sa, COND_NAT_HERE))
                {
-                       ike_sa->update_hosts(ike_sa, NULL, this->new);
+                       ike_sa->update_hosts(ike_sa, NULL, this->new, FALSE);
                }
                charon->ike_sa_manager->checkin(charon->ike_sa_manager, ike_sa);
        }
index d6d880d..9b6f9d0 100644 (file)
@@ -825,7 +825,7 @@ METHOD(ike_sa_t, float_ports, void,
 }
 
 METHOD(ike_sa_t, update_hosts, void,
-       private_ike_sa_t *this, host_t *me, host_t *other)
+       private_ike_sa_t *this, host_t *me, host_t *other, bool force)
 {
        bool update = FALSE;
 
@@ -858,7 +858,7 @@ METHOD(ike_sa_t, update_hosts, void,
                if (!other->equals(other, this->other_host))
                {
                        /* update others adress if we are NOT NATed */
-                       if (!has_condition(this, COND_NAT_HERE))
+                       if (force || !has_condition(this, COND_NAT_HERE))
                        {
                                set_other_host(this, other->clone(other));
                                update = TRUE;
index c0007e2..988100b 100644 (file)
@@ -343,8 +343,9 @@ struct ike_sa_t {
         *
         * @param me                    new local host address, or NULL
         * @param other                 new remote host address, or NULL
+        * @param force                 force update
         */
-       void (*update_hosts)(ike_sa_t *this, host_t *me, host_t *other);
+       void (*update_hosts)(ike_sa_t *this, host_t *me, host_t *other, bool force);
 
        /**
         * Get the own identification.
index 16ddb25..9467d15 100644 (file)
@@ -897,7 +897,7 @@ METHOD(task_manager_t, process_message, status_t,
                        {       /* only do host updates based on verified messages */
                                if (!this->ike_sa->supports_extension(this->ike_sa, EXT_MOBIKE))
                                {       /* with MOBIKE, we do no implicit updates */
-                                       this->ike_sa->update_hosts(this->ike_sa, me, other);
+                                       this->ike_sa->update_hosts(this->ike_sa, me, other, mid == 1);
                                }
                        }
                        charon->bus->message(charon->bus, msg, TRUE);
@@ -942,7 +942,7 @@ METHOD(task_manager_t, process_message, status_t,
                        {       /* only do host updates based on verified messages */
                                if (!this->ike_sa->supports_extension(this->ike_sa, EXT_MOBIKE))
                                {       /* with MOBIKE, we do no implicit updates */
-                                       this->ike_sa->update_hosts(this->ike_sa, me, other);
+                                       this->ike_sa->update_hosts(this->ike_sa, me, other, FALSE);
                                }
                        }
                        charon->bus->message(charon->bus, msg, TRUE);