set_condition(ike_sa, value.u32, COND_CERTREQ_SEEN);
set_condition(ike_sa, value.u32, COND_ORIGINAL_INITIATOR);
break;
- case HA_INITIATE_MID:
- ike_sa->set_message_id(ike_sa, TRUE, value.u32);
- break;
- case HA_RESPOND_MID:
- ike_sa->set_message_id(ike_sa, FALSE, value.u32);
- break;
default:
break;
}
}
}
+/**
+ * Process messages of type IKE_MID_INITIATOR/RESPONDER
+ */
+static void process_ike_mid(private_ha_dispatcher_t *this,
+ ha_message_t *message, bool initiator)
+{
+ ha_message_attribute_t attribute;
+ ha_message_value_t value;
+ enumerator_t *enumerator;
+ ike_sa_t *ike_sa = NULL;
+ u_int32_t mid = 0;
+
+ enumerator = message->create_attribute_enumerator(message);
+ while (enumerator->enumerate(enumerator, &attribute, &value))
+ {
+ switch (attribute)
+ {
+ case HA_IKE_ID:
+ ike_sa = charon->ike_sa_manager->checkout(charon->ike_sa_manager,
+ value.ike_sa_id);
+ break;
+ case HA_MID:
+ mid = value.u32;
+ break;
+ default:
+ break;
+ }
+ }
+ enumerator->destroy(enumerator);
+
+ if (ike_sa)
+ {
+ if (mid)
+ {
+ ike_sa->set_message_id(ike_sa, initiator, mid);
+ }
+ charon->ike_sa_manager->checkin(charon->ike_sa_manager, ike_sa);
+ }
+}
+
/**
* Process messages of type IKE_DELETE
*/
case HA_IKE_UPDATE:
process_ike_update(this, message);
break;
+ case HA_IKE_MID_INITIATOR:
+ process_ike_mid(this, message, TRUE);
+ break;
+ case HA_IKE_MID_RESPONDER:
+ process_ike_mid(this, message, FALSE);
+ break;
case HA_IKE_DELETE:
process_ike_delete(this, message);
break;
message->get_request(message))
{ /* we sync on requests, but skip it on IKE_SA_INIT */
ha_message_t *m;
- u_int32_t mid;
- m = ha_message_create(HA_IKE_UPDATE);
- m->add_attribute(m, HA_IKE_ID, ike_sa->get_id(ike_sa));
- mid = message->get_message_id(message) + 1;
if (incoming)
{
- m->add_attribute(m, HA_RESPOND_MID, mid);
+ m = ha_message_create(HA_IKE_MID_RESPONDER);
}
else
{
- m->add_attribute(m, HA_INITIATE_MID, mid);
+ m = ha_message_create(HA_IKE_MID_INITIATOR);
}
+ m->add_attribute(m, HA_IKE_ID, ike_sa->get_id(ike_sa));
+ m->add_attribute(m, HA_MID, message->get_message_id(message) + 1);
this->socket->push(this->socket, m);
}
if (ike_sa->get_state(ike_sa) == IKE_ESTABLISHED &&
case HA_EXTENSIONS:
case HA_INBOUND_SPI:
case HA_OUTBOUND_SPI:
- case HA_INITIATE_MID:
- case HA_RESPOND_MID:
+ case HA_MID:
{
u_int32_t val;
case HA_EXTENSIONS:
case HA_INBOUND_SPI:
case HA_OUTBOUND_SPI:
- case HA_INITIATE_MID:
- case HA_RESPOND_MID:
+ case HA_MID:
{
if (this->buf.len < sizeof(u_int32_t))
{
/**
* Protocol version of this implementation
*/
-#define HA_MESSAGE_VERSION 1
+#define HA_MESSAGE_VERSION 2
typedef struct ha_message_t ha_message_t;
typedef enum ha_message_type_t ha_message_type_t;
enum ha_message_type_t {
/** add a completely new IKE_SA */
HA_IKE_ADD = 1,
- /** update an existing IKE_SA (message IDs, address update, ...) */
+ /** update an existing IKE_SA (identities, address update, ...) */
HA_IKE_UPDATE,
+ /** update initiator message id */
+ HA_IKE_MID_INITIATOR,
+ /** update responder message id */
+ HA_IKE_MID_RESPONDER,
/** delete an existing IKE_SA */
HA_IKE_DELETE,
/** add a new CHILD_SA */
HA_LOCAL_TS,
/** traffic_selector_t*, remote traffic selector */
HA_REMOTE_TS,
- /** u_int32_t, initiating message ID */
- HA_INITIATE_MID,
- /** u_int32_t, responding message ID */
- HA_RESPOND_MID,
+ /** u_int32_t, message ID */
+ HA_MID,
/** u_int16_t, HA segment */
HA_SEGMENT,
};
projects / thirdparty / strongswan.git / commitdiff
