Sync newer IKE_SA condition/extension flags in ha plugin
authorMartin Willi <martin@revosec.ch>
Wed, 10 Aug 2011 14:58:46 +0000 (16:58 +0200)
committerMartin Willi <martin@revosec.ch>
Fri, 19 Aug 2011 07:16:16 +0000 (09:16 +0200)
src/libcharon/plugins/ha/ha_dispatcher.c
src/libcharon/plugins/ha/ha_ike.c

index 04267f5..0a89e64 100644 (file)
@@ -281,6 +281,10 @@ static void process_ike_update(private_ha_dispatcher_t *this,
                                set_extension(ike_sa, value.u32, EXT_NATT);
                                set_extension(ike_sa, value.u32, EXT_MOBIKE);
                                set_extension(ike_sa, value.u32, EXT_HASH_AND_URL);
+                               set_extension(ike_sa, value.u32, EXT_MULTIPLE_AUTH);
+                               set_extension(ike_sa, value.u32, EXT_STRONGSWAN);
+                               set_extension(ike_sa, value.u32, EXT_EAP_ONLY_AUTHENTICATION);
+                               set_extension(ike_sa, value.u32, EXT_MS_WINDOWS);
                                break;
                        case HA_CONDITIONS:
                                set_condition(ike_sa, value.u32, COND_NAT_ANY);
@@ -290,6 +294,7 @@ static void process_ike_update(private_ha_dispatcher_t *this,
                                set_condition(ike_sa, value.u32, COND_EAP_AUTHENTICATED);
                                set_condition(ike_sa, value.u32, COND_CERTREQ_SEEN);
                                set_condition(ike_sa, value.u32, COND_ORIGINAL_INITIATOR);
+                               set_condition(ike_sa, value.u32, COND_STALE);
                                break;
                        default:
                                break;
index 44df6c1..ce10671 100644 (file)
@@ -158,11 +158,16 @@ METHOD(listener_t, ike_updown, bool,
                                  | copy_condition(ike_sa, COND_NAT_FAKE)
                                  | copy_condition(ike_sa, COND_EAP_AUTHENTICATED)
                                  | copy_condition(ike_sa, COND_CERTREQ_SEEN)
-                                 | copy_condition(ike_sa, COND_ORIGINAL_INITIATOR);
+                                 | copy_condition(ike_sa, COND_ORIGINAL_INITIATOR)
+                                 | copy_condition(ike_sa, COND_STALE);
 
                extension = copy_extension(ike_sa, EXT_NATT)
                                  | copy_extension(ike_sa, EXT_MOBIKE)
-                                 | copy_extension(ike_sa, EXT_HASH_AND_URL);
+                                 | copy_extension(ike_sa, EXT_HASH_AND_URL)
+                                 | copy_extension(ike_sa, EXT_MULTIPLE_AUTH)
+                                 | copy_extension(ike_sa, EXT_STRONGSWAN)
+                                 | copy_extension(ike_sa, EXT_EAP_ONLY_AUTHENTICATION)
+                                 | copy_extension(ike_sa, EXT_MS_WINDOWS);
 
                id = ike_sa->get_id(ike_sa);