DESTROY_IF(this->peer_cfg);
this->peer_cfg = peer_cfg;
- if (!this->ike_cfg)
- {
- this->ike_cfg = peer_cfg->get_ike_cfg(peer_cfg);
- this->ike_cfg->get_ref(this->ike_cfg);
- }
+ DESTROY_IF(this->ike_cfg);
+ this->ike_cfg = peer_cfg->get_ike_cfg(peer_cfg);
+ this->ike_cfg->get_ref(this->ike_cfg);
this->if_id_in = peer_cfg->get_if_id(peer_cfg, TRUE);
this->if_id_out = peer_cfg->get_if_id(peer_cfg, FALSE);
*/
static void set_dscp(private_ike_sa_t *this, packet_t *packet)
{
- ike_cfg_t *ike_cfg;
-
- /* prefer IKE config on peer_cfg, as its selection is more accurate
- * then the initial IKE config */
- if (this->peer_cfg)
- {
- ike_cfg = this->peer_cfg->get_ike_cfg(this->peer_cfg);
- }
- else
- {
- ike_cfg = this->ike_cfg;
- }
- if (ike_cfg)
+ if (this->ike_cfg)
{
- packet->set_dscp(packet, ike_cfg->get_dscp(ike_cfg));
+ packet->set_dscp(packet, this->ike_cfg->get_dscp(this->ike_cfg));
}
}
*/
phase1_t *ph1;
- /**
- * IKE config to establish
- */
- ike_cfg_t *ike_cfg;
-
/**
* Peer config to use
*/
{
case AM_INIT:
{
+ ike_cfg_t *ike_cfg;
sa_payload_t *sa_payload;
id_payload_t *id_payload;
linked_list_t *proposals;
this->ike_sa->get_other_host(this->ike_sa));
this->ike_sa->set_state(this->ike_sa, IKE_CONNECTING);
- this->ike_cfg = this->ike_sa->get_ike_cfg(this->ike_sa);
+ ike_cfg = this->ike_sa->get_ike_cfg(this->ike_sa);
this->peer_cfg = this->ike_sa->get_peer_cfg(this->ike_sa);
this->peer_cfg->get_ref(this->peer_cfg);
FALSE);
}
this->lifetime += this->peer_cfg->get_over_time(this->peer_cfg);
- proposals = this->ike_cfg->get_proposals(this->ike_cfg);
+ proposals = ike_cfg->get_proposals(ike_cfg);
sa_payload = sa_payload_create_from_proposals_v1(proposals,
this->lifetime, 0, this->method, MODE_NONE,
ENCAP_NONE, 0);
message->add_payload(message, &sa_payload->payload_interface);
- group = this->ike_cfg->get_algorithm(this->ike_cfg,
- KEY_EXCHANGE_METHOD);
+ group = ike_cfg->get_algorithm(ike_cfg, KEY_EXCHANGE_METHOD);
if (!group)
{
DBG1(DBG_IKE, "DH group selection failed");
{
case AM_INIT:
{
+ ike_cfg_t *ike_cfg;
sa_payload_t *sa_payload;
id_payload_t *id_payload;
identification_t *id;
proposal_selection_flag_t flags = PROPOSAL_SKIP_PRIVATE;
uint16_t group;
- this->ike_cfg = this->ike_sa->get_ike_cfg(this->ike_sa);
+ ike_cfg = this->ike_sa->get_ike_cfg(this->ike_sa);
DBG0(DBG_IKE, "%H is initiating a Aggressive Mode IKE_SA",
message->get_source(message));
this->ike_sa->set_state(this->ike_sa, IKE_CONNECTING);
{
flags = PROPOSAL_PREFER_SUPPLIED;
}
- this->proposal = this->ike_cfg->select_proposal(this->ike_cfg, list,
- flags);
+ this->proposal = ike_cfg->select_proposal(ike_cfg, list, flags);
list->destroy_offset(list, offsetof(proposal_t, destroy));
if (!this->proposal)
{
auth_method_t method;
sa_payload_t *sa_payload;
id_payload_t *id_payload;
+ ike_cfg_t *ike_cfg;
identification_t *id, *cid;
linked_list_t *list;
uint32_t lifetime;
return send_notify(this, INVALID_PAYLOAD_TYPE);
}
list = sa_payload->get_proposals(sa_payload);
- this->proposal = this->ike_cfg->select_proposal(this->ike_cfg, list, 0);
+ ike_cfg = this->ike_sa->get_ike_cfg(this->ike_sa);
+ this->proposal = ike_cfg->select_proposal(ike_cfg, list, 0);
list->destroy_offset(list, offsetof(proposal_t, destroy));
if (!this->proposal)
{
*/
phase1_t *ph1;
- /**
- * IKE config to establish
- */
- ike_cfg_t *ike_cfg;
-
/**
* Peer config to use
*/
{
case MM_INIT:
{
+ ike_cfg_t *ike_cfg;
sa_payload_t *sa_payload;
linked_list_t *proposals;
packet_t *packet;
this->ike_sa->get_other_host(this->ike_sa));
this->ike_sa->set_state(this->ike_sa, IKE_CONNECTING);
- this->ike_cfg = this->ike_sa->get_ike_cfg(this->ike_sa);
+ ike_cfg = this->ike_sa->get_ike_cfg(this->ike_sa);
this->peer_cfg = this->ike_sa->get_peer_cfg(this->ike_sa);
this->peer_cfg->get_ref(this->peer_cfg);
FALSE);
}
this->lifetime += this->peer_cfg->get_over_time(this->peer_cfg);
- proposals = this->ike_cfg->get_proposals(this->ike_cfg);
+ proposals = ike_cfg->get_proposals(ike_cfg);
sa_payload = sa_payload_create_from_proposals_v1(proposals,
this->lifetime, 0, this->method, MODE_NONE,
ENCAP_NONE, 0);
{
case MM_INIT:
{
+ ike_cfg_t *ike_cfg;
linked_list_t *list;
sa_payload_t *sa_payload;
proposal_selection_flag_t flags = 0;
- this->ike_cfg = this->ike_sa->get_ike_cfg(this->ike_sa);
+ ike_cfg = this->ike_sa->get_ike_cfg(this->ike_sa);
DBG0(DBG_IKE, "%H is initiating a Main Mode IKE_SA",
message->get_source(message));
this->ike_sa->set_state(this->ike_sa, IKE_CONNECTING);
{
flags |= PROPOSAL_PREFER_SUPPLIED;
}
- this->proposal = this->ike_cfg->select_proposal(this->ike_cfg,
- list, flags);
+ this->proposal = ike_cfg->select_proposal(ike_cfg, list, flags);
list->destroy_offset(list, offsetof(proposal_t, destroy));
if (!this->proposal)
{
{
linked_list_t *list;
sa_payload_t *sa_payload;
+ ike_cfg_t *ike_cfg;
auth_method_t method;
proposal_selection_flag_t flags = 0;
uint32_t lifetime;
{
flags |= PROPOSAL_SKIP_PRIVATE;
}
- this->proposal = this->ike_cfg->select_proposal(this->ike_cfg,
- list, flags);
+ ike_cfg = this->ike_sa->get_ike_cfg(this->ike_sa);
+ this->proposal = ike_cfg->select_proposal(ike_cfg, list, flags);
list->destroy_offset(list, offsetof(proposal_t, destroy));
if (!this->proposal)
{
projects / thirdparty / strongswan.git / commitdiff
