* Whether to follow IKEv2 redirects
*/
bool follow_redirects;
+
+ /**
+ * Original gateway address from which we got redirected
+ */
+ host_t *redirected_from;
};
/**
this->other_host = other;
}
+METHOD(ike_sa_t, get_redirected_from, host_t*,
+ private_ike_sa_t *this)
+{
+ return this->redirected_from;
+}
+
METHOD(ike_sa_t, get_peer_cfg, peer_cfg_t*,
private_ike_sa_t *this)
{
{
keepalives = TRUE;
}
+ DESTROY_IF(this->redirected_from);
+ this->redirected_from = NULL;
}
break;
}
private_ike_sa_t *this, identification_t *gateway)
{
char gw[BUF_LEN];
- host_t *other;
+ host_t *other, *from;
DBG1(DBG_IKE, "redirected to %Y", gateway);
if (!this->follow_redirects)
gateway);
return FALSE;
}
+ from = this->other_host->clone(this->other_host);
switch (this->state)
{
case IKE_CONNECTING:
reset(this);
set_other_host(this, other);
+ DESTROY_IF(this->redirected_from);
+ this->redirected_from = from;
return TRUE;
default:
DBG1(DBG_IKE, "unable to handle redirect for IKE_SA in state %N",
ike_sa_state_names, this->state);
other->destroy(other);
+ from->destroy(from);
return FALSE;
}
}
DESTROY_IF(this->other_id);
DESTROY_IF(this->local_host);
DESTROY_IF(this->remote_host);
+ DESTROY_IF(this->redirected_from);
DESTROY_IF(this->ike_cfg);
DESTROY_IF(this->peer_cfg);
.send_dpd = _send_dpd,
.send_keepalive = _send_keepalive,
.handle_redirect = _handle_redirect,
+ .get_redirected_from = _get_redirected_from,
.get_keymat = _get_keymat,
.add_child_sa = _add_child_sa,
.get_child_sa = _get_child_sa,