From: Tobias Brunner <tobias@strongswan.org>
Date: Tue, 13 Oct 2015 10:10:42 +0000 (+0200)
Subject: mode-config: Reassign migrated virtual IP if client requests %any
X-Git-Tag: 5.3.4rc1~6
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=322a11ccbbed6408ecac4b6da3922573c20f1d1b;p=thirdparty%2Fstrongswan.git

mode-config: Reassign migrated virtual IP if client requests %any

If we mistakenly detect a new IKE_SA as a reauthentication the client
won't request the previous virtual IP, but since we already migrated
it we already triggered the assign_vips() hook, so we should reassign
the migrated virtual IP.

Fixes #1152.
---

diff --git a/src/libcharon/sa/ikev1/tasks/mode_config.c b/src/libcharon/sa/ikev1/tasks/mode_config.c
index d0994a9616..a03477e187 100644
--- a/src/libcharon/sa/ikev1/tasks/mode_config.c
+++ b/src/libcharon/sa/ikev1/tasks/mode_config.c
@@ -482,7 +482,9 @@ static host_t *assign_migrated_vip(linked_list_t *migrated, host_t *requested)
 	enumerator = migrated->create_enumerator(migrated);
 	while (enumerator->enumerate(enumerator, &vip))
 	{
-		if (vip->ip_equals(vip, requested))
+		if (vip->ip_equals(vip, requested) ||
+		   (requested->is_anyaddr(requested) &&
+			requested->get_family(requested) == vip->get_family(vip)))
 		{
 			migrated->remove_at(migrated, enumerator);
 			found = vip;