ike: Use address family of local address when resolving remote host
authorTobias Brunner <tobias@strongswan.org>
Thu, 11 Jun 2015 13:10:29 +0000 (15:10 +0200)
committerTobias Brunner <tobias@strongswan.org>
Mon, 27 Jul 2015 10:09:41 +0000 (12:09 +0200)
If static local addresses are configured we should use their address family
as a hint when resolving the remote address.
We don't do this if %any is configured as this might break existing
configurations (%any4 and %any6 are however used as hint).

src/libcharon/sa/ike_sa.c

index 3aafa4c..0c13c58 100644 (file)
@@ -1,5 +1,5 @@
 /*
- * Copyright (C) 2006-2014 Tobias Brunner
+ * Copyright (C) 2006-2015 Tobias Brunner
  * Copyright (C) 2006 Daniel Roethlisberger
  * Copyright (C) 2005-2009 Martin Willi
  * Copyright (C) 2005 Jan Hutter
@@ -1200,6 +1200,19 @@ static void resolve_hosts(private_ike_sa_t *this)
                        break;
        }
 
+       /* if an IP address is set locally, use the same family to resolve remote */
+       if (family == AF_UNSPEC && !this->remote_host)
+       {
+               if (this->local_host)
+               {
+                       family = this->local_host->get_family(this->local_host);
+               }
+               else
+               {
+                       family = ike_cfg_get_family(this->ike_cfg, TRUE);
+               }
+       }
+
        if (this->remote_host)
        {
                host = this->remote_host->clone(this->remote_host);