ike: Use the original port when remote resolves to %any
authorTobias Brunner <tobias@strongswan.org>
Tue, 18 Aug 2015 15:35:39 +0000 (17:35 +0200)
committerTobias Brunner <tobias@strongswan.org>
Wed, 19 Aug 2015 09:34:25 +0000 (11:34 +0200)
When reestablishing the IKE_SA we should still use the original port
when right resolves to %any as some implementations might not like
initial IKE messages on port 4500 (especially for IKEv1).

src/libcharon/sa/ike_sa.c

index 3bfd149..dcf9d5f 100644 (file)
@@ -1240,7 +1240,9 @@ static void resolve_hosts(private_ike_sa_t *this)
                        set_other_host(this, host);
                }
                else
-               {
+               {       /* reuse the original port as some implementations might not like
+                        * initial IKE messages on other ports */
+                       this->other_host->set_port(this->other_host, host->get_port(host));
                        host->destroy(host);
                }
        }