fixed reauthentication when using %any hosts
authorMartin Willi <martin@strongswan.org>
Mon, 8 Jan 2007 07:32:39 +0000 (07:32 -0000)
committerMartin Willi <martin@strongswan.org>
Mon, 8 Jan 2007 07:32:39 +0000 (07:32 -0000)
src/charon/queues/jobs/initiate_job.c
src/charon/sa/ike_sa.c
src/charon/sa/transactions/ike_sa_init.c

index 8b943a3..3d7fd5c 100644 (file)
@@ -78,6 +78,7 @@ static status_t execute(private_initiate_job_t *this)
        
        if (this->other)
        {
+               DBG1(DBG_JOB, "using other host %H", this->other);
                ike_sa->set_other_host(ike_sa, this->other->clone(this->other));
        }
        
index f8c2474..1f8cf5c 100644 (file)
@@ -900,15 +900,14 @@ static status_t initiate(private_ike_sa_t *this,
                                this->my_host = connection->get_my_host(connection);
                                this->my_host = this->my_host->clone(this->my_host);
                        }
+                       DBG1(DBG_IKE, "this->other: %H", this->other_host);
+                       DBG1(DBG_IKE, "connections other: %H", connection->get_other_host(connection));
                        if (this->other_host->is_anyaddr(this->other_host))
                        {
                                this->other_host->destroy(this->other_host);
                                this->other_host = connection->get_other_host(connection);
                                this->other_host = this->other_host->clone(this->other_host);
                        }
-                       this->retrans_sequences = connection->get_retrans_seq(connection);
-                       this->dpd_delay = connection->get_dpd_delay(connection);
-                       
                        if (this->other_host->is_anyaddr(this->other_host))
                        {
                                SIG(IKE_UP_START, "establishing new IKE_SA for CHILD_SA");
@@ -918,6 +917,9 @@ static status_t initiate(private_ike_sa_t *this,
                                return DESTROY_ME;
                        }
                        
+                       this->retrans_sequences = connection->get_retrans_seq(connection);
+                       this->dpd_delay = connection->get_dpd_delay(connection);
+                       
                        this->message_id_out = 1;
                        ike_sa_init = ike_sa_init_create(&this->public);
                        ike_sa_init->set_config(ike_sa_init, connection, policy);
index c85a27f..b5728a9 100644 (file)
@@ -276,8 +276,8 @@ static status_t get_request(private_ike_sa_init_t *this, message_t **result)
                return SUCCESS;
        }
        
-       me = this->connection->get_my_host(this->connection);
-       other = this->connection->get_other_host(this->connection);
+       me = this->ike_sa->get_my_host(this->ike_sa);
+       other = this->ike_sa->get_other_host(this->ike_sa);
        
        /* we already set up the IDs. Mine is already fully qualified, other
         * will be updated in the ike_auth transaction */
@@ -372,7 +372,7 @@ static status_t get_request(private_ike_sa_init_t *this, message_t **result)
                /* N(NAT_DETECTION_SOURCE_IP)+
                 * we include only one notify if our address is defined, but all
                 * possible if not */
-               host = this->connection->get_my_host(this->connection);
+               host = this->ike_sa->get_my_host(this->ike_sa);
                if (host->is_anyaddr(host))
                {
                        /* TODO: we could get the src address from netlink */
@@ -867,8 +867,8 @@ static status_t conclude(private_ike_sa_init_t *this, message_t *response,
        /* allow setting of next transaction in other functions */
        this->next = next;
        
-       me = this->connection->get_my_host(this->connection);
-       other = this->connection->get_other_host(this->connection);
+       me = this->ike_sa->get_my_host(this->ike_sa);
+       other = this->ike_sa->get_other_host(this->ike_sa);
        
        /* check if SPI has been updated, but apply only if all goes ok later */
        responder_spi = response->get_responder_spi(response);