fixed reauthentication when connection's other host is %any
authorMartin Willi <martin@strongswan.org>
Wed, 3 Jan 2007 09:26:44 +0000 (09:26 -0000)
committerMartin Willi <martin@strongswan.org>
Wed, 3 Jan 2007 09:26:44 +0000 (09:26 -0000)
src/charon/queues/jobs/initiate_job.c
src/charon/queues/jobs/initiate_job.h
src/charon/sa/ike_sa.c
src/charon/sa/transactions/create_child_sa.c
src/charon/threads/stroke_interface.c

index 52877c4..8b943a3 100644 (file)
@@ -45,6 +45,11 @@ struct private_initiate_job_t {
        connection_t *connection;
        
        /**
+        * host to connect to, use NULL to use connections one
+        */
+       host_t *other;
+       
+       /**
         * associated policy to initiate
         */
        policy_t *policy;
@@ -71,6 +76,11 @@ static status_t execute(private_initiate_job_t *this)
                                                        this->policy->get_my_id(this->policy),
                                                        this->policy->get_other_id(this->policy));
        
+       if (this->other)
+       {
+               ike_sa->set_other_host(ike_sa, this->other->clone(this->other));
+       }
+       
        this->connection->get_ref(this->connection);
        this->policy->get_ref(this->policy);
        if (ike_sa->initiate(ike_sa, this->connection, this->policy) != SUCCESS)
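Review bot: The override in `execute()` is applied to whatever IKE_SA the lookup above returned, without checking whether that SA already has a concrete peer address. The call that produces `ike_sa` starts outside this hunk, so I can't tell whether it can hand back an existing SA; if it can, `set_other_host()` replaces that SA's peer address before `initiate()` runs. Consider applying the override only while the SA's other host is still the any-address, mirroring the `is_anyaddr()` checks this commit adds in `ike_sa.c`, and add a comment such as `/* job-supplied address replaces the connection's %any */`. Whether `set_other_host()` frees the previously stored host is not visible here and is worth confirming.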
@@ -91,13 +101,15 @@ static void destroy(private_initiate_job_t *this)
 {
        this->connection->destroy(this->connection);
        this->policy->destroy(this->policy);
+       DESTROY_IF(this->other);
        free(this);
 }
 
 /*
  * Described in header
  */
-initiate_job_t *initiate_job_create(connection_t *connection, policy_t *policy)
+initiate_job_t *initiate_job_create(connection_t *connection, host_t *other,
+                                                                       policy_t *policy)
 {
        private_initiate_job_t *this = malloc_thing(private_initiate_job_t);
        
@@ -109,6 +121,7 @@ initiate_job_t *initiate_job_create(connection_t *connection, policy_t *policy)
        /* private variables */
        this->connection = connection;
        this->policy = policy;
+       this->other = other;
        
        return &this->public;
 }
index 846f2f6..2fd0ced 100644 (file)
@@ -51,12 +51,13 @@ struct initiate_job_t {
  * @brief Creates a job of type INITIATE_IKE_SA.
  * 
  * @param connection   connection_t to initialize
+ * @param other                        another host to initiate to, NULL to use connections one
  * @param policy               policy to set up
  * @return                             initiate_job_t object
  * 
  * @ingroup jobs
  */
-initiate_job_t *initiate_job_create(connection_t *connection,
-                                                                                                 policy_t *policy);
+initiate_job_t *initiate_job_create(connection_t *connection, host_t *other,
+                                                                   policy_t *policy);
 
 #endif /*INITIATE_IKE_SA_JOB_H_*/
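Review bot: The new `@param other` line does not say who owns the host. In `initiate_job.c` the job stores the pointer as-is and its `destroy()` calls `DESTROY_IF(this->other)`, so the job takes ownership; a caller that passes a host it still uses would be left with a dangling pointer. Suggest `@param other host to initiate to, NULL to use the connection's one; the job takes ownership and destroys it`.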
index af6060b..f8c2474 100644 (file)
@@ -484,7 +484,7 @@ static void dpd_detected(private_ike_sa_t *this)
                                break;
                        case DPD_RESTART:
                                connection->get_ref(connection);
-                               job = (job_t*)initiate_job_create(connection, policy);
+                               job = (job_t*)initiate_job_create(connection, NULL, policy);
                                charon->job_queue->add(charon->job_queue, job);
                                break;
                        default:
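Review bot: `DPD_RESTART` passes `NULL` for the new `other` argument, so the restarted SA falls back to the connection's other host, which is the situation this commit fixes for `reauth()`. If the connection's other host is %any, the restart would presumably have no concrete address to initiate to. `dpd_detected()` continues outside the hunk, so I can't see whether that is handled elsewhere; if not, pass a clone of the current peer address as `reauth()` now does: `job = (job_t*)initiate_job_create(connection, this->other_host->clone(this->other_host), policy);`.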
@@ -894,12 +894,18 @@ static status_t initiate(private_ike_sa_t *this,
                        ike_sa_init_t *ike_sa_init;
                        
                        DBG2(DBG_IKE, "initiating new IKE_SA for CHILD_SA");
-                       DESTROY_IF(this->my_host);
-                       this->my_host = connection->get_my_host(connection);
-                       this->my_host = this->my_host->clone(this->my_host);
-                       DESTROY_IF(this->other_host);
-                       this->other_host = connection->get_other_host(connection);
-                       this->other_host = this->other_host->clone(this->other_host);
+                       if (this->my_host->is_anyaddr(this->my_host))
+                       {
+                               this->my_host->destroy(this->my_host);
+                               this->my_host = connection->get_my_host(connection);
+                               this->my_host = this->my_host->clone(this->my_host);
+                       }
+                       if (this->other_host->is_anyaddr(this->other_host))
+                       {
+                               this->other_host->destroy(this->other_host);
+                               this->other_host = connection->get_other_host(connection);
+                               this->other_host = this->other_host->clone(this->other_host);
+                       }
                        this->retrans_sequences = connection->get_retrans_seq(connection);
                        this->dpd_delay = connection->get_dpd_delay(connection);
                        
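Review bot: The removed lines used `DESTROY_IF()`, which tolerates a NULL `my_host`/`other_host`, while the new code calls `this->my_host->is_anyaddr(...)` and `this->other_host->is_anyaddr(...)` unconditionally. If either member can still be NULL when `initiate()` is entered (the constructor is not visible here), this is a NULL dereference in the daemon. Either document the invariant that both hosts are always set, or keep the tolerant form: `if (this->other_host == NULL || this->other_host->is_anyaddr(this->other_host))` followed by `DESTROY_IF(this->other_host);`, and the same for `my_host`. `initiate()` begins and ends outside this hunk.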
@@ -1841,6 +1847,8 @@ static status_t reauth(private_ike_sa_t *this)
                job_t *job;
                policy_t *policy;
                linked_list_t *my_ts, *other_ts;
+               host_t *other;
+               
                my_ts = child_sa->get_my_traffic_selectors(child_sa);
                other_ts = child_sa->get_other_traffic_selectors(child_sa);
                policy = charon->policies->get_policy(charon->policies,
@@ -1851,9 +1859,9 @@ static status_t reauth(private_ike_sa_t *this)
                        DBG1(DBG_IKE, "policy not found to recreate CHILD_SA, skipped");
                        continue;
                }
-               
                connection->get_ref(connection);
-               job = (job_t*)initiate_job_create(connection, policy);
+               other = this->other_host->clone(this->other_host);
+               job = (job_t*)initiate_job_create(connection, other, policy);
                charon->job_queue->add(charon->job_queue, job);
        }
        iterator->destroy(iterator);
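Review bot: The clone of `this->other_host` in `reauth()` has no comment saying why the SA's current peer address is used instead of the connection's configured one. A short why-comment above the clone would help: `/* connection's other host may be %any, so reuse the address this IKE_SA talks to; the job owns the clone */`. The ownership half matters because the clone is never freed in this function and a reader has to open `initiate_job.c` to see that the job destroys it.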
index 37f35ec..c07347d 100644 (file)
@@ -818,7 +818,7 @@ static status_t get_response(private_create_child_sa_t *this, message_t *request
                if (other)
                {
                        /* store our lower nonce in the simultaneus transaction, it 
-                        * will later compare it against his nonces when it calls conclude().
+                        * will later compare it against its nonces when it calls conclude().
                         */
                        if (memcmp(this->nonce_i.ptr, this->nonce_r.ptr,
                                min(this->nonce_i.len, this->nonce_r.len)) < 0)
index a982845..b12ca5c 100755 (executable)
@@ -522,7 +522,7 @@ static void stroke_initiate(private_stroke_t *this, stroke_msg_t *msg)
                return;
        }
        
-       job = initiate_job_create(connection, policy);
+       job = initiate_job_create(connection, NULL, policy);
        /*
        if (msg->output_verbosity < 0)
        {