diff options
author | Tobias Brunner <tobias@strongswan.org> | 2015-03-24 18:36:49 +0100 |
---|---|---|
committer | Tobias Brunner <tobias@strongswan.org> | 2015-03-25 12:00:20 +0100 |
commit | 70728eb1b6005fe6e400e5df3534ed7087acc380 (patch) | |
tree | ebcd9f358146f57c97814952128e6a68d5f10747 /src/libcharon/sa/ikev1/tasks | |
parent | 66147ef6700d4ad1af00083580823fa48b129408 (diff) | |
download | strongswan-70728eb1b6005fe6e400e5df3534ed7087acc380.tar.bz2 strongswan-70728eb1b6005fe6e400e5df3534ed7087acc380.tar.xz |
child-sa: Add a new state to track rekeyed IKEv1 CHILD_SAs
This is needed to handle DELETEs properly, which was previously done via
CHILD_REKEYING, which we don't use anymore since 5c6a62ceb6 as it prevents
reauthentication.
Diffstat (limited to 'src/libcharon/sa/ikev1/tasks')
-rw-r--r-- | src/libcharon/sa/ikev1/tasks/quick_delete.c | 2 | ||||
-rw-r--r-- | src/libcharon/sa/ikev1/tasks/quick_mode.c | 3 |
2 files changed, 3 insertions, 2 deletions
diff --git a/src/libcharon/sa/ikev1/tasks/quick_delete.c b/src/libcharon/sa/ikev1/tasks/quick_delete.c index 4206182a0..1b95a8b11 100644 --- a/src/libcharon/sa/ikev1/tasks/quick_delete.c +++ b/src/libcharon/sa/ikev1/tasks/quick_delete.c @@ -105,7 +105,7 @@ static bool delete_child(private_quick_delete_t *this, protocol_id_t protocol, this->spi = spi = child_sa->get_spi(child_sa, TRUE); } - rekeyed = child_sa->get_state(child_sa) == CHILD_REKEYING; + rekeyed = child_sa->get_state(child_sa) == CHILD_REKEYED; child_sa->set_state(child_sa, CHILD_DELETING); my_ts = linked_list_create_from_enumerator( diff --git a/src/libcharon/sa/ikev1/tasks/quick_mode.c b/src/libcharon/sa/ikev1/tasks/quick_mode.c index 982c12851..96edfd8d8 100644 --- a/src/libcharon/sa/ikev1/tasks/quick_mode.c +++ b/src/libcharon/sa/ikev1/tasks/quick_mode.c @@ -402,7 +402,7 @@ static bool install(private_quick_mode_t *this) { charon->bus->child_rekey(charon->bus, old, this->child_sa); /* rekeyed CHILD_SAs stay installed until they expire */ - old->set_state(old, CHILD_INSTALLED); + old->set_state(old, CHILD_REKEYED); } else { @@ -988,6 +988,7 @@ static void check_for_rekeyed_child(private_quick_mode_t *this) { case CHILD_INSTALLED: case CHILD_REKEYING: + case CHILD_REKEYED: policies = child_sa->create_policy_enumerator(child_sa); if (policies->enumerate(policies, &local, &remote) && local->equals(local, this->tsr) && |