Call Esa_Select after creation of child SA

This tells the TKM which child SA is the currently active SA.
author: Adrian-Ken Rueegsegger <ken@codelabs.ch> 2012-11-12 19:05:28 +0100
committer: Tobias Brunner <tobias@strongswan.org> 2013-03-19 15:23:49 +0100
commit: 1c1400f0079f7ded06ad66156d6d0398358fe1c2 (patch)
tree: 4e196b9572ef02e0f8dc1950f2596d43d9325a89 /src/charon-tkm
parent: d2371b728c645e93823a82b2ffc1b587e1b2b32f (diff)
download: strongswan-1c1400f0079f7ded06ad66156d6d0398358fe1c2.tar.bz2
strongswan-1c1400f0079f7ded06ad66156d6d0398358fe1c2.tar.xz
1 files changed, 10 insertions, 0 deletions
diff --git a/src/charon-tkm/src/tkm/tkm_kernel_ipsec.c b/src/charon-tkm/src/tkm/tkm_kernel_ipsec.c
index 4e813a035..623942b62 100644
--- a/src/charon-tkm/src/tkm/tkm_kernel_ipsec.c
+++ b/src/charon-tkm/src/tkm/tkm_kernel_ipsec.c
@@ -169,6 +169,16 @@ METHOD(kernel_ipsec_t, add_sa, status_t,
 		}
 		tkm->idmgr->release_id(tkm->idmgr, TKM_CTX_NONCE, nonce_loc_id);
 	}
+	if (ike_esa_select(esa_id) != TKM_OK)
+	{
+		DBG1(DBG_KNL, "error selecting new child SA (%llu)", esa_id);
+		if (ike_esa_reset(esa_id) != TKM_OK)
+		{
+			DBG1(DBG_KNL, "child SA (%llu) deletion failed", esa_id);
+		}
+		goto failure;
+	}
+
 	DBG1(DBG_KNL, "added child SA (esa: %llu, isa: %llu, esp_spi_loc: %x, "
 		 "esp_spi_rem: %x, role: %s)", esa_id, esa.isa_id, ntohl(spi_loc),
 		 ntohl(spi_rem), initiator ? "initiator" : "responder");
author	Adrian-Ken Rueegsegger <ken@codelabs.ch>	2012-11-12 19:05:28 +0100
committer	Tobias Brunner <tobias@strongswan.org>	2013-03-19 15:23:49 +0100
commit	1c1400f0079f7ded06ad66156d6d0398358fe1c2 (patch)
tree	4e196b9572ef02e0f8dc1950f2596d43d9325a89 /src/charon-tkm
parent	d2371b728c645e93823a82b2ffc1b587e1b2b32f (diff)
download	strongswan-1c1400f0079f7ded06ad66156d6d0398358fe1c2.tar.bz2 strongswan-1c1400f0079f7ded06ad66156d6d0398358fe1c2.tar.xz