sharpetronics/strongswan
1
0
Fork 0
mirror of https://github.com/strongswan/strongswan.git synced 2025-10-05 00:00:45 -04:00
Code Issues Projects Releases Wiki Activity

Raise an alert on traffic selector mismatch

Browse Source
This commit is contained in:
Martin Willi 2012-11-06 11:27:38 +01:00
parent c794455666
commit 24f30ec92f
2 changed files with 5 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
src/libcharon/bus/bus.h
View File

@ -111,6 +111,9 @@ enum alert_t {
ALERT_PROPOSAL_MISMATCH_IKE, ALERT_PROPOSAL_MISMATCH_IKE,
/** CHILD proposals do not match, argument is linked_list_t of proposal_t */ /** CHILD proposals do not match, argument is linked_list_t of proposal_t */
ALERT_PROPOSAL_MISMATCH_CHILD, ALERT_PROPOSAL_MISMATCH_CHILD,
/** traffic selectors do not match, arguments are two linked_list_t
* containing traffic_selector_t for initiator and for responder */
ALERT_TS_MISMATCH,
/** IKE_SA deleted because of "replace" unique policy, no argument */ /** IKE_SA deleted because of "replace" unique policy, no argument */
ALERT_UNIQUE_REPLACE, ALERT_UNIQUE_REPLACE,
/** IKE_SA deleted because of "keep" unique policy, no arguement */ /** IKE_SA deleted because of "keep" unique policy, no arguement */

2
src/libcharon/sa/ikev2/tasks/child_create.c
View File

@ -454,6 +454,7 @@ static status_t select_and_install(private_child_create_t *this,
if (my_ts->get_count(my_ts) == 0 || other_ts->get_count(other_ts) == 0) if (my_ts->get_count(my_ts) == 0 || other_ts->get_count(other_ts) == 0)
{ {
charon->bus->alert(charon->bus, ALERT_TS_MISMATCH, this->tsi, this->tsr);
my_ts->destroy_offset(my_ts, offsetof(traffic_selector_t, destroy)); my_ts->destroy_offset(my_ts, offsetof(traffic_selector_t, destroy));
other_ts->destroy_offset(other_ts, offsetof(traffic_selector_t, destroy)); other_ts->destroy_offset(other_ts, offsetof(traffic_selector_t, destroy));
DBG1(DBG_IKE, "no acceptable traffic selectors found"); DBG1(DBG_IKE, "no acceptable traffic selectors found");
@ -1042,6 +1043,7 @@ METHOD(task_t, build_r, status_t,
{ {
DBG1(DBG_IKE, "traffic selectors %#R=== %#R inacceptable", DBG1(DBG_IKE, "traffic selectors %#R=== %#R inacceptable",
this->tsr, this->tsi); this->tsr, this->tsi);
charon->bus->alert(charon->bus, ALERT_TS_MISMATCH, this->tsi, this->tsr);
message->add_notify(message, FALSE, TS_UNACCEPTABLE, chunk_empty); message->add_notify(message, FALSE, TS_UNACCEPTABLE, chunk_empty);
handle_child_sa_failure(this, message); handle_child_sa_failure(this, message);
return SUCCESS; return SUCCESS;