1 diff -rNu pluto.orig/constants.h pluto/constants.h
2 --- pluto.orig/constants.h 2004-07-21 16:33:16.000000000 +0200
3 +++ pluto/constants.h 2004-08-22 22:45:59.000000000 +0200
5 /* Dead Peer Detection actions */
8 - DPD_ACTION_CLEAR = 0,
10 + DPD_ACTION_CLEAR = 0,
11 + DPD_ACTION_HOLD = 1,
12 + DPD_ACTION_RESTART = 2
16 diff -rNu pluto.orig/ipsec_doi.c pluto/ipsec_doi.c
17 --- pluto.orig/ipsec_doi.c 2004-04-03 18:48:10.000000000 +0200
18 +++ pluto/ipsec_doi.c 2004-08-22 22:32:15.000000000 +0200
21 action = st->st_connection->dpd_action;
23 - passert(action == DPD_ACTION_HOLD || action == DPD_ACTION_CLEAR);
24 + passert(action == DPD_ACTION_HOLD || action == DPD_ACTION_CLEAR || action == DPD_ACTION_RESTART);
26 loglog(RC_LOG_SERIOUS, "DPD: Info: No response from peer - declaring peer dead");
28 @@ -5521,11 +5545,20 @@
29 force an initiation of the conn again. */
30 loglog(RC_LOG_SERIOUS, "DPD: Info: Putting connection into %%trap");
33 + } else if(action == DPD_ACTION_CLEAR) {
34 /* dpdaction=clear - Wipe the SA, eroute - everything */
36 loglog(RC_LOG_SERIOUS, "DPD: Info: Clearing Connection");
37 unroute_connection(c);
39 + /* dpdaction=clear - Wipe the SA, eroute - everything, then restart */
41 + loglog(RC_LOG_SERIOUS, "DPD: Info: Restarting Connection");
42 + unroute_connection(c);
43 + if (c->kind == CK_PERMANENT) {
44 + c->initiated = TRUE;
45 + ipsecdoi_initiate(NULL_FD, c, c->policy, 1, SOS_NOBODY);
50 diff -rNu pluto.orig/whack.c pluto/whack.c
51 --- pluto.orig/whack.c 2004-03-01 13:54:10.000000000 +0100
52 +++ pluto/whack.c 2004-08-22 22:34:56.000000000 +0200
54 if( strcmp(optarg, "hold") == 0) {
55 msg.dpd_action = DPD_ACTION_HOLD;
57 + if( strcmp(optarg, "restart") == 0) {
58 + msg.dpd_action = DPD_ACTION_RESTART;
64 diag("dpddelay specified, but dpdtimeout is zero, both should be specified");
65 if(!msg.dpd_delay && msg.dpd_timeout)
66 diag("dpdtimeout specified, but dpddelay is zero, both should be specified");
67 - if(msg.dpd_action != DPD_ACTION_CLEAR && msg.dpd_action != DPD_ACTION_HOLD) {
68 - diag("dpdaction can only be \"clear\" or \"hold\", defaulting to \"hold\"");
69 + if(msg.dpd_action != DPD_ACTION_CLEAR && msg.dpd_action != DPD_ACTION_HOLD && msg.dpd_action != DPD_ACTION_RESTART) {
70 + diag("dpdaction can only be \"restart\", \"clear\" or \"hold\", defaulting to \"hold\"");
71 msg.dpd_action = DPD_ACTION_HOLD;