sharpetronics/strongswan
1
0
Fork 0
mirror of https://github.com/strongswan/strongswan.git synced 2025-10-16 00:00:37 -04:00
Code Issues Projects Releases Wiki Activity

ike-mobike: Skip peer addresses we can't send packets to when checking paths

Browse Source
This commit is contained in:
Tobias Brunner 2014-07-28 12:09:16 +02:00
parent ff60134157
commit c5a5bc85d9
1 changed files with 18 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

23
src/libcharon/sa/ikev2/tasks/ike_mobike.c
View File

@ -313,12 +313,26 @@ METHOD(ike_mobike_t, transmit, void,
enumerator_t *enumerator;
ike_cfg_t *ike_cfg;
packet_t *copy;
int family = AF_UNSPEC;
if (!this->check)
{
return;
}
switch (charon->socket->supported_families(charon->socket))
{
case SOCKET_FAMILY_IPV4:
family = AF_INET;
break;
case SOCKET_FAMILY_IPV6:
family = AF_INET6;
break;
case SOCKET_FAMILY_BOTH:
case SOCKET_FAMILY_NONE:
break;
}
me_old = this->ike_sa->get_my_host(this->ike_sa);
other_old = this->ike_sa->get_other_host(this->ike_sa);
ike_cfg = this->ike_sa->get_ike_cfg(this->ike_sa);
@ -326,15 +340,14 @@ METHOD(ike_mobike_t, transmit, void,
enumerator = this->ike_sa->create_peer_address_enumerator(this->ike_sa);
while (enumerator->enumerate(enumerator, (void**)&other))
{
if (family != AF_UNSPEC && other->get_family(other) != family)
{
continue;
}
me = hydra->kernel_interface->get_source_addr(
hydra->kernel_interface, other, NULL);
if (me)
{
if (me->get_family(me) != other->get_family(other))
{
me->destroy(me);
continue;
}
/* reuse port for an active address, 4500 otherwise */
apply_port(me, me_old, ike_cfg->get_my_port(ike_cfg), TRUE);
other = other->clone(other);