Recreate IKE_INIT/IKE_NATD/IKE_VENDOR tasks if we reset SA during IKE_AUTH
authorMartin Willi <martin@revosec.ch>
Mon, 7 Jun 2010 12:58:57 +0000 (14:58 +0200)
committerMartin Willi <martin@revosec.ch>
Mon, 7 Jun 2010 12:58:57 +0000 (14:58 +0200)
src/libcharon/sa/ike_sa.c

index a2190ff..ed49170 100644 (file)
@@ -1628,6 +1628,17 @@ METHOD(ike_sa_t, retransmit, status_t,
                                        DBG1(DBG_IKE, "peer not responding, trying again (%d/%d)",
                                                 this->keyingtry + 1, tries);
                                        reset(this);
+                                       if (this->stats[STAT_INBOUND])
+                                       {       /* IKE_INIT already completed, recreate associated tasks */
+                                               task_t *task;
+
+                                               task = (task_t*)ike_vendor_create(&this->public, TRUE);
+                                               this->task_manager->queue_task(this->task_manager, task);
+                                               task = (task_t*)ike_natd_create(&this->public, TRUE);
+                                               this->task_manager->queue_task(this->task_manager, task);
+                                               task = (task_t*)ike_init_create(&this->public, TRUE, NULL);
+                                               this->task_manager->queue_task(this->task_manager, task);
+                                       }
                                        return this->task_manager->initiate(this->task_manager);
                                }
                                DBG1(DBG_IKE, "establishing IKE_SA failed, peer not responding");