From: Thomas Egerer
Date: Fri, 24 Apr 2015 11:43:18 +0000 (+0200)
Subject: ha: Sync remote address in HA_IKE_ADD, too
X-Git-Tag: 5.3.3dr4~15
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=3434709460d83295d54f3bf5ad46cbd197e859cb;p=thirdparty%2Fstrongswan.git
ha: Sync remote address in HA_IKE_ADD, too
When the IKE_SA is synced without the remote address, after a reauthentication charon is not able to find it in its connected_peers table since the destination host will be %any (it's missing in the message, hence the default from the newly created ike_sa_t -- %any -- will be used). By adding the value to the HA_IKE_ADD message, we should be able to solve this problem.
Signed-off-by: Thomas Egerer
---
diff --git a/src/libcharon/plugins/ha/ha_dispatcher.c b/src/libcharon/plugins/ha/ha_dispatcher.c
index 31eeb934ed..75d5030846 100644
--- a/src/libcharon/plugins/ha/ha_dispatcher.c
+++ b/src/libcharon/plugins/ha/ha_dispatcher.c
@@ -135,6 +135,7 @@ static void process_ike_add(private_ha_dispatcher_t *this, ha_message_t *message
 chunk_t nonce_i = chunk_empty, nonce_r = chunk_empty;
 chunk_t secret = chunk_empty, old_skd = chunk_empty;
 chunk_t dh_local = chunk_empty, dh_remote = chunk_empty, psk = chunk_empty;
+ host_t *other = NULL;
 bool ok = FALSE;
 enumerator = message->create_attribute_enumerator(message);
@@ -150,6 +151,9 @@ static void process_ike_add(private_ha_dispatcher_t *this, ha_message_t *message
 old_sa = charon->ike_sa_manager->checkout(charon->ike_sa_manager,
 value.ike_sa_id);
 break;
+ case HA_REMOTE_ADDR:
+ other = value.host->clone(value.host);
+ break;
 case HA_IKE_VERSION:
 version = value.u8;
 break;
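Review bot: In the new `case HA_REMOTE_ADDR:` branch of process_ike_add() in ha_dispatcher.c, `other` is overwritten unconditionally, so a sync message that carries the attribute more than once leaks every clone except the last one. The message content is supplied by the other HA node, so the attribute loop should tolerate repeated attributes rather than assume each appears once. Releasing the previous value first, `DESTROY_IF(other);` directly before `other = value.host->clone(value.host);`, keeps the single `DESTROY_IF(other)` at the end of the function sufficient. The function body starts and ends outside this hunk.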
@@ -252,6 +256,11 @@ static void process_ike_add(private_ha_dispatcher_t *this, ha_message_t *message
 charon->ike_sa_manager, old_sa);
 old_sa = NULL;
 }
+ if (other)
+ {
+ ike_sa->set_other_host(ike_sa, other);
+ other = NULL;
+ }
 ike_sa->set_state(ike_sa, IKE_CONNECTING);
 ike_sa->set_proposal(ike_sa, proposal);
 this->cache->cache(this->cache, ike_sa, message);
@@ -270,6 +279,7 @@ static void process_ike_add(private_ha_dispatcher_t *this, ha_message_t *message
 {
 charon->ike_sa_manager->checkin(charon->ike_sa_manager, old_sa);
 }
+ DESTROY_IF(other);
 DESTROY_IF(message);
 }
diff --git a/src/libcharon/plugins/ha/ha_ike.c b/src/libcharon/plugins/ha/ha_ike.c
index 6b4b53c9c8..7492dd06e8 100644
--- a/src/libcharon/plugins/ha/ha_ike.c
+++ b/src/libcharon/plugins/ha/ha_ike.c
@@ -138,6 +138,7 @@ METHOD(listener_t, ike_keys, bool,
 m->add_attribute(m, HA_PSK, shared->get_key(shared));
 }
 }
+ m->add_attribute(m, HA_REMOTE_ADDR, ike_sa->get_other_host(ike_sa));
 this->socket->push(this->socket, m);
 this->cache->cache(this->cache, ike_sa, m);
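Review bot: The `if (other)` block added at @@ -252 in ha_dispatcher.c hands the cloned host to the IKE_SA and then clears the local pointer, but nothing states the ownership rule this relies on. The reset is only correct if `set_other_host()` takes ownership of its argument, which is not visible in this diff. A short comment such as `/* ike_sa owns the host now; keep DESTROY_IF(other) below from freeing it */` would make the pairing with the cleanup added at @@ -270 explicit. The enclosing branch starts outside the hunk.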
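Review bot: The new `m->add_attribute(m, HA_REMOTE_ADDR, ike_sa->get_other_host(ike_sa));` in ike_keys() (ha_ike.c, @@ -138) carries no comment, so the reason for sending the address in HA_IKE_ADD lives only in the commit message. A one-line comment above it, e.g. `/* sync peer address so the passive node can find the SA in connected_peers after reauth */`, would keep that reason next to the code. It would also help to state there whether the other host is guaranteed to be a concrete address by the time ike_keys() runs, since that cannot be confirmed from this hunk. The method body starts and ends outside the hunk.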