代码拉取完成,页面将自动刷新
同步操作将从 src-openEuler/libreswan 强制同步,此操作会覆盖自 Fork 仓库以来所做的任何修改,且无法恢复!!!
确定后同步将在后台操作,完成时将刷新页面,请耐心等待。
diff --git a/programs/pluto/state.c b/programs/pluto/state.c
index 7b33145..a3bcc3c 100644
--- a/programs/pluto/state.c
+++ b/programs/pluto/state.c
@@ -3155,27 +3155,40 @@ void ISAKMP_SA_established(const struct state *pst)
d = next;
}
- if (c->newest_isakmp_sa != SOS_NOBODY &&
- c->newest_isakmp_sa != pst->st_serialno) {
- struct state *old_p1 = state_by_serialno(c->newest_isakmp_sa);
+ /*
+ * This only affects IKEv2, since we don't store any
+ * received INITIAL_CONTACT for IKEv1.
+ * We don't do this on IKEv1, because it seems to
+ * confuse various third parties (Windows, Cisco VPN 300,
+ * and juniper
+ * likely because this would be called before the IPsec SA
+ * of QuickMode is installed, so the remote endpoints view
+ * this IKE SA still as the active one?
+ */
+ if (pst->st_seen_initialc) {
- DBG(DBG_CONTROL, DBG_log("deleting replaced IKE state for %s",
- old_p1->st_connection->name));
- old_p1->st_suppress_del_notify = TRUE;
- event_force(EVENT_SA_EXPIRE, old_p1);
- }
+ if (c->newest_isakmp_sa != SOS_NOBODY &&
+ c->newest_isakmp_sa != pst->st_serialno) {
+ struct state *old_p1 = state_by_serialno(c->newest_isakmp_sa);
- if (pst->st_seen_initialc && (c->newest_ipsec_sa != SOS_NOBODY))
- {
- struct state *old_p2 = state_by_serialno(c->newest_ipsec_sa);
- struct connection *d = old_p2 == NULL ? NULL : old_p2->st_connection;
+ DBG(DBG_CONTROL, DBG_log("deleting replaced IKE state for %s",
+ old_p1->st_connection->name));
+ old_p1->st_suppress_del_notify = TRUE;
+ event_force(EVENT_SA_EXPIRE, old_p1);
+ }
- if (c == d && same_id(&c->spd.that.id, &d->spd.that.id))
+ if (c->newest_ipsec_sa != SOS_NOBODY)
{
- DBG(DBG_CONTROL, DBG_log("Initial Contact received, deleting old state #%lu from connection '%s'",
- c->newest_ipsec_sa, c->name));
- old_p2->st_suppress_del_notify = TRUE;
- event_force(EVENT_SA_EXPIRE, old_p2);
+ struct state *old_p2 = state_by_serialno(c->newest_ipsec_sa);
+ struct connection *d = old_p2 == NULL ? NULL : old_p2->st_connection;
+
+ if (c == d && same_id(&c->spd.that.id, &d->spd.that.id))
+ {
+ DBG(DBG_CONTROL, DBG_log("Initial Contact received, deleting old state #%lu from connection '%s'",
+ c->newest_ipsec_sa, c->name));
+ old_p2->st_suppress_del_notify = TRUE;
+ event_force(EVENT_SA_EXPIRE, old_p2);
+ }
}
}
此处可能存在不合适展示的内容,页面不予展示。您可通过相关编辑功能自查并修改。
如您确认内容无涉及 不当用语 / 纯广告导流 / 暴力 / 低俗色情 / 侵权 / 盗版 / 虚假 / 无价值内容或违法国家有关法律法规的内容,可点击提交进行申诉,我们将尽快为您处理。
马建仓 AI 助手