ikev2: fix session re-initiate after SA expires

author Filip Tehlar <ftehlar@cisco.com>

Tue, 28 Jul 2020 07:25:08 +0000 (07:25 +0000)

committer Filip Tehlar <ftehlar@cisco.com>

Tue, 28 Jul 2020 07:25:08 +0000 (07:25 +0000)
author Filip Tehlar <ftehlar@cisco.com>
Tue, 28 Jul 2020 07:25:08 +0000 (07:25 +0000)
committer Filip Tehlar <ftehlar@cisco.com>
Tue, 28 Jul 2020 07:25:08 +0000 (07:25 +0000)
diff --git a/src/plugins/ikev2/ikev2.c b/src/plugins/ikev2/ikev2.c

index d8c94ff..a9e78a3 100644 (file)
--- a/src/plugins/ikev2/ikev2.c
+++ b/src/plugins/ikev2/ikev2.c
@@ -537,6 +537,7 @@ ikev2_calc_keys (ikev2_sa_t * sa)
    pos += tr_prf->key_len;
  
    vec_free (keymat);
+  sa->keys_generated = 1;
  }
  
  static void
@@ -4313,7 +4314,7 @@ ikev2_mngr_process_responder_sas (ikev2_sa_t * sa)
    ikev2_main_t *km = &ikev2_main;
    vlib_main_t *vm = km->vlib_main;
  
-  if (!sa->sk_ai || !sa->sk_ar)
+  if (!sa->keys_generated)
      return 0;
  
    if (sa->liveness_retries >= km->liveness_max_retries)
diff --git a/src/plugins/ikev2/ikev2_priv.h b/src/plugins/ikev2/ikev2_priv.h

index 7e40ed3..f8b0458 100644 (file)
--- a/src/plugins/ikev2/ikev2_priv.h
+++ b/src/plugins/ikev2/ikev2_priv.h
@@ -441,6 +441,7 @@ typedef struct
  
    /* is NAT traversal mode */
    u8 natt;
+  u8 keys_generated;
  } ikev2_sa_t;
author	Filip Tehlar <ftehlar@cisco.com>
	Tue, 28 Jul 2020 07:25:08 +0000 (07:25 +0000)
committer	Filip Tehlar <ftehlar@cisco.com>
	Tue, 28 Jul 2020 07:25:08 +0000 (07:25 +0000)
src/plugins/ikev2/ikev2.c		patch \| blob \| history
src/plugins/ikev2/ikev2_priv.h		patch \| blob \| history