aboutsummaryrefslogtreecommitdiffstats
path: root/src/charon/sa/tasks/child_create.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/charon/sa/tasks/child_create.c')
-rw-r--r--src/charon/sa/tasks/child_create.c18
1 files changed, 10 insertions, 8 deletions
diff --git a/src/charon/sa/tasks/child_create.c b/src/charon/sa/tasks/child_create.c
index 628d1397c..02664338a 100644
--- a/src/charon/sa/tasks/child_create.c
+++ b/src/charon/sa/tasks/child_create.c
@@ -327,20 +327,14 @@ static status_t select_and_install(private_child_create_t *this, bool no_dh)
}
}
+ this->child_sa->set_state(this->child_sa, CHILD_INSTALLING);
+
if (this->ipcomp != IPCOMP_NONE)
{
this->child_sa->activate_ipcomp(this->child_sa, this->ipcomp,
this->other_cpi);
}
- status = this->child_sa->add_policies(this->child_sa, my_ts, other_ts,
- this->mode, this->proposal->get_protocol(this->proposal));
- if (status != SUCCESS)
- {
- DBG1(DBG_IKE, "unable to install IPsec policies (SPD) in kernel");
- return NOT_FOUND;
- }
-
status = FAILED;
if (this->keymat->derive_child_keys(this->keymat, this->proposal,
this->dh, nonce_i, nonce_r, &encr_i, &integ_i, &encr_r, &integ_r))
@@ -367,6 +361,14 @@ static status_t select_and_install(private_child_create_t *this, bool no_dh)
return FAILED;
}
+ status = this->child_sa->add_policies(this->child_sa, my_ts, other_ts,
+ this->mode, this->proposal->get_protocol(this->proposal));
+ if (status != SUCCESS)
+ {
+ DBG1(DBG_IKE, "unable to install IPsec policies (SPD) in kernel");
+ return NOT_FOUND;
+ }
+
charon->bus->child_keys(charon->bus, this->child_sa, this->dh,
nonce_i, nonce_r);