Inherit authentication information during IKE_SA rekeying
authorMartin Willi <martin@revosec.ch>
Mon, 25 Jul 2011 12:08:18 +0000 (14:08 +0200)
committerMartin Willi <martin@revosec.ch>
Mon, 25 Jul 2011 12:19:17 +0000 (14:19 +0200)
src/libcharon/sa/ike_sa.c

index da429c8..243e11e 100644 (file)
@@ -1929,6 +1929,8 @@ METHOD(ike_sa_t, inherit, void,
        private_ike_sa_t *other = (private_ike_sa_t*)other_public;
        child_sa_t *child_sa;
        attribute_entry_t *entry;
+       enumerator_t *enumerator;
+       auth_cfg_t *cfg;
 
        /* apply hosts and ids */
        this->my_host->destroy(this->my_host);
@@ -1952,6 +1954,20 @@ METHOD(ike_sa_t, inherit, void,
                other->other_virtual_ip = NULL;
        }
 
+       /* authentication information */
+       enumerator = other->my_auths->create_enumerator(other->my_auths);
+       while (enumerator->enumerate(enumerator, &cfg))
+       {
+               this->my_auths->insert_last(this->my_auths, cfg->clone(cfg));
+       }
+       enumerator->destroy(enumerator);
+       enumerator = other->other_auths->create_enumerator(other->other_auths);
+       while (enumerator->enumerate(enumerator, &cfg))
+       {
+               this->other_auths->insert_last(this->other_auths, cfg->clone(cfg));
+       }
+       enumerator->destroy(enumerator);
+
        /* ... and configuration attributes */
        while (other->attributes->remove_last(other->attributes,
                                                                                  (void**)&entry) == SUCCESS)