be64toh(id->get_initiator_spi(id)),
be64toh(id->get_responder_spi(id)));
- if (id->get_responder_spi(id) == 0 &&
- message->get_message_id(message) == 0)
+ if (message->get_request(message) &&
+ message->get_exchange_type(message) == IKE_SA_INIT)
{
- if (message->get_major_version(message) == IKEV2_MAJOR_VERSION)
+ untrack_half_open = TRUE;
+
+ if (message->get_message_id(message) == 0 &&
+ id->get_responder_spi(id) == 0)
{
- if (message->get_exchange_type(message) == IKE_SA_INIT &&
- message->get_request(message))
- {
- ike_version = IKEV2;
- is_init = TRUE;
- }
+ ike_version = IKEV2;
+ is_init = TRUE;
}
- else
+ }
+ else if ((message->get_exchange_type(message) == ID_PROT ||
+ message->get_exchange_type(message) == AGGRESSIVE) &&
+ id->get_responder_spi(id) == 0)
+ {
+ untrack_half_open = TRUE;
+
+ if (message->get_message_id(message) == 0)
{
- if (message->get_exchange_type(message) == ID_PROT ||
- message->get_exchange_type(message) == AGGRESSIVE)
- {
- ike_version = IKEV1;
- is_init = TRUE;
- if (id->is_initiator(id))
- { /* not set in IKEv1, switch back before applying to new SA */
- id->switch_initiator(id);
- }
+ ike_version = IKEV1;
+ is_init = TRUE;
+ if (id->is_initiator(id))
+ { /* not set in IKEv1, switch back before applying to new SA */
+ id->switch_initiator(id);
}
}
}
uint64_t our_spi;
chunk_t hash;
- untrack_half_open = TRUE;
hasher = lib->crypto->create_hasher(lib->crypto, HASH_SHA1);
if (!hasher || !get_init_hash(hasher, message, &hash))
{