diff options
| author | Martin Willi <martin@revosec.ch> | 2013-06-11 16:11:14 +0200 |
|---|---|---|
| committer | Martin Willi <martin@revosec.ch> | 2013-06-19 16:30:40 +0200 |
| commit | a7bc0bf4a6c091637e81eec0c268e5947f5c1e21 (patch) | |
| tree | 809157a900b51683a63a3f33fc8d7a0ad7a0eec5 | |
| parent | 2dcfc6983bc2f73bbc355f9204dda6a2901a3a38 (diff) | |
| download | strongswan-a7bc0bf4a6c091637e81eec0c268e5947f5c1e21.tar.bz2 strongswan-a7bc0bf4a6c091637e81eec0c268e5947f5c1e21.tar.xz | |
ike: reuse the reqid of an installed trap having the same config
When we have a trap installed, but a CHILD_SA gets established for the same
config from the peer, we should reuse the same reqid. Otherwise we would have
two identical policies using different reqids, what we can't handle in our
kernel backend.
| -rw-r--r-- | src/libcharon/sa/child_sa.c | 6 |
1 files changed, 5 insertions, 1 deletions
diff --git a/src/libcharon/sa/child_sa.c b/src/libcharon/sa/child_sa.c index f50e32ff1..1069b2d91 100644 --- a/src/libcharon/sa/child_sa.c +++ b/src/libcharon/sa/child_sa.c @@ -1149,7 +1149,11 @@ child_sa_t * child_sa_create(host_t *me, host_t* other, } else { - this->reqid = ref_get(&reqid); + this->reqid = charon->traps->find_reqid(charon->traps, config); + if (!this->reqid) + { + this->reqid = ref_get(&reqid); + } } } |