diff options
Diffstat (limited to 'src/charon/sa/tasks/child_create.c')
-rw-r--r-- | src/charon/sa/tasks/child_create.c | 18 |
1 files changed, 10 insertions, 8 deletions
diff --git a/src/charon/sa/tasks/child_create.c b/src/charon/sa/tasks/child_create.c index 628d1397c..02664338a 100644 --- a/src/charon/sa/tasks/child_create.c +++ b/src/charon/sa/tasks/child_create.c @@ -327,20 +327,14 @@ static status_t select_and_install(private_child_create_t *this, bool no_dh) } } + this->child_sa->set_state(this->child_sa, CHILD_INSTALLING); + if (this->ipcomp != IPCOMP_NONE) { this->child_sa->activate_ipcomp(this->child_sa, this->ipcomp, this->other_cpi); } - status = this->child_sa->add_policies(this->child_sa, my_ts, other_ts, - this->mode, this->proposal->get_protocol(this->proposal)); - if (status != SUCCESS) - { - DBG1(DBG_IKE, "unable to install IPsec policies (SPD) in kernel"); - return NOT_FOUND; - } - status = FAILED; if (this->keymat->derive_child_keys(this->keymat, this->proposal, this->dh, nonce_i, nonce_r, &encr_i, &integ_i, &encr_r, &integ_r)) @@ -367,6 +361,14 @@ static status_t select_and_install(private_child_create_t *this, bool no_dh) return FAILED; } + status = this->child_sa->add_policies(this->child_sa, my_ts, other_ts, + this->mode, this->proposal->get_protocol(this->proposal)); + if (status != SUCCESS) + { + DBG1(DBG_IKE, "unable to install IPsec policies (SPD) in kernel"); + return NOT_FOUND; + } + charon->bus->child_keys(charon->bus, this->child_sa, this->dh, nonce_i, nonce_r); |