mem-pool: Be less strict when reassigning existing online leases
authorTobias Brunner <tobias@strongswan.org>
Tue, 24 Nov 2020 08:24:25 +0000 (09:24 +0100)
committerTobias Brunner <tobias@strongswan.org>
Mon, 18 Jan 2021 12:58:01 +0000 (13:58 +0100)
Also assign online leases to a peer connecting from the same endpoint
when it requests any virtual IP.  This is mainly a workaround for
Windows clients that remember the virtual IPv6 address and re-request it
the next time the connection is initiated (even if it is not a
reauthentication) but don't do the same for virtual IPv4 addresses.
This can result in duplicate policies with different reqids because
these are allocated for unique sets of traffic selectors.

Fixes #3541.

src/libcharon/attributes/mem_pool.c

index 9fca4645c8b7469fb3f09367c27e0db38b8446fd..d2dd0d83cc0f4eadd9c6be40f6cb29227a8d5717 100644 (file)
@@ -307,8 +307,9 @@ static int get_existing(private_mem_pool_t *this, identification_t *id,
        enumerator = array_create_enumerator(entry->online);
        while (enumerator->enumerate(enumerator, &lease))
        {
-               if (lease->offset == host2offset(this, requested) &&
-                       lease->hash == hash_addr(peer))
+               if (lease->hash == hash_addr(peer) &&
+                       (requested->is_anyaddr(requested) ||
+                        lease->offset == host2offset(this, requested)))
                {
                        offset = lease->offset;
                        /* add an additional "online" entry */
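Review bot: The new condition `lease->hash == hash_addr(peer) && (requested->is_anyaddr(requested) || ...)` decides when a second connection may share an online lease, but nothing at the `if` says why an any-address request is accepted; the rationale exists only in the commit message. I would add a comment above it, e.g. `/* reuse the online lease of the same endpoint if it requests any address or exactly this one (Windows only re-requests the IPv6 address), see #3541 */`. The endpoint check compares hash values only, and `hash_addr()` is not visible in this hunk, so it is worth confirming what it covers (address only, or address and port) and stating that in the same comment, since it determines which clients using the same identity end up on the same virtual IP. `hash_addr(peer)` is also loop-invariant and could be computed once before the `while`. The body of `get_existing()` starts and ends outside this hunk.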