From: Tobias Brunner <tobias@strongswan.org>
Date: Mon, 25 Jun 2018 12:03:56 +0000 (+0200)
Subject: ike-mobike: Support IKE_AUX exchange between IKE_SA_INIT and IKE_AUTH
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=4e4d6c779a84e808c90249c85548406f8434c9bd;p=thirdparty%2Fstrongswan.git

ike-mobike: Support IKE_AUX exchange between IKE_SA_INIT and IKE_AUTH

This changes the MID of the first IKE_AUTH message.
---

diff --git a/src/libcharon/sa/ikev2/tasks/ike_mobike.c b/src/libcharon/sa/ikev2/tasks/ike_mobike.c
index b2ad0a02af..a9ac805893 100644
--- a/src/libcharon/sa/ikev2/tasks/ike_mobike.c
+++ b/src/libcharon/sa/ikev2/tasks/ike_mobike.c
@@ -414,11 +414,12 @@ METHOD(ike_mobike_t, transmit, bool,
 METHOD(task_t, build_i, status_t,
 	   private_ike_mobike_t *this, message_t *message)
 {
-	if (message->get_exchange_type(message) == IKE_AUTH &&
-		message->get_message_id(message) == 1)
-	{	/* only in first IKE_AUTH */
+	if (message->get_exchange_type(message) == IKE_AUTH)
+	{
 		message->add_notify(message, FALSE, MOBIKE_SUPPORTED, chunk_empty);
 		build_address_list(this, message);
+		/* only in first IKE_AUTH */
+		this->public.task.build = (void*)return_need_more;
 	}
 	else if (message->get_exchange_type(message) == INFORMATIONAL)
 	{
@@ -465,10 +466,11 @@ METHOD(task_t, build_i, status_t,
 METHOD(task_t, process_r, status_t,
 	   private_ike_mobike_t *this, message_t *message)
 {
-	if (message->get_exchange_type(message) == IKE_AUTH &&
-		message->get_message_id(message) == 1)
-	{	/* only first IKE_AUTH */
+	if (message->get_exchange_type(message) == IKE_AUTH)
+	{
 		process_payloads(this, message);
+		/* only first IKE_AUTH */
+		this->public.task.process = (void*)return_need_more;
 	}
 	else if (message->get_exchange_type(message) == INFORMATIONAL)
 	{
@@ -509,7 +511,7 @@ METHOD(task_t, build_r, status_t,
 {
 	if (message->get_exchange_type(message) == IKE_AUTH &&
 		this->ike_sa->get_state(this->ike_sa) == IKE_ESTABLISHED)
-	{
+	{	/* in last IKE_AUTH only */
 		if (this->ike_sa->supports_extension(this->ike_sa, EXT_MOBIKE))
 		{
 			message->add_notify(message, FALSE, MOBIKE_SUPPORTED, chunk_empty);
@@ -542,7 +544,7 @@ METHOD(task_t, process_i, status_t,
 {
 	if (message->get_exchange_type(message) == IKE_AUTH &&
 		this->ike_sa->get_state(this->ike_sa) == IKE_ESTABLISHED)
-	{
+	{	/* in last IKE_AUTH only */
 		process_payloads(this, message);
 		return SUCCESS;
 	}