ikev2: cleanup tunnels after subsequent sa-init

author Filip Tehlar <ftehlar@cisco.com>

Wed, 19 Feb 2020 01:03:02 +0000 (01:03 +0000)

committer Damjan Marion <dmarion@me.com>

Fri, 21 Feb 2020 09:56:02 +0000 (09:56 +0000)
author Filip Tehlar <ftehlar@cisco.com>
Wed, 19 Feb 2020 01:03:02 +0000 (01:03 +0000)
committer Damjan Marion <dmarion@me.com>
Fri, 21 Feb 2020 09:56:02 +0000 (09:56 +0000)
diff --git a/src/plugins/ikev2/ikev2.c b/src/plugins/ikev2/ikev2.c

index 248b6f2..a647784 100644 (file)
--- a/src/plugins/ikev2/ikev2.c
+++ b/src/plugins/ikev2/ikev2.c
@@ -1951,6 +1951,8 @@ ikev2_generate_message (ikev2_sa_t * sa, ike_header_t * ike, void *user)
           ikev2_payload_add_sa (chain, sa->childs[0].i_proposals);
           ikev2_payload_add_ts (chain, sa->childs[0].tsi, IKEV2_PAYLOAD_TSI);
           ikev2_payload_add_ts (chain, sa->childs[0].tsr, IKEV2_PAYLOAD_TSR);
+         ikev2_payload_add_notify (chain, IKEV2_NOTIFY_MSG_INITIAL_CONTACT,
+                                   0);
         }
        else
         {
@@ -3184,6 +3186,7 @@ ikev2_initiate_sa_init (vlib_main_t * vm, u8 * name)
      sa.state = IKEV2_STATE_SA_INIT;
      sa.tun_itf = p->tun_itf;
      sa.is_tun_itf_set = 1;
+    sa.initial_contact = 1;
      ikev2_generate_sa_init_data (&sa);
      ikev2_payload_add_ke (chain, sa.dh_group, sa.i_dh_data);
      ikev2_payload_add_nonce (chain, sa.i_nonce);
@@ -3263,6 +3266,8 @@ ikev2_initiate_sa_init (vlib_main_t * vm, u8 * name)
      vec_add (sa.childs[0].tsi, &p->loc_ts, 1);
      vec_add (sa.childs[0].tsr, &p->rem_ts, 1);
  
+    ikev2_initial_contact_cleanup (&sa);
+
      /* add SA to the pool */
      ikev2_sa_t *sa0 = 0;
      pool_get (km->sais, sa0);
author	Filip Tehlar <ftehlar@cisco.com>
	Wed, 19 Feb 2020 01:03:02 +0000 (01:03 +0000)
committer	Damjan Marion <dmarion@me.com>
	Fri, 21 Feb 2020 09:56:02 +0000 (09:56 +0000)