ikev2: Don't recreate IKE_SA if deletion fails after make-before-break reauth
Fixes: 7457143072
("During reauthentication reestablish IKE_SA even if deleting the old one fails.")
Fixes #2847.
This commit is contained in:
parent
01f462f0d3
commit
10f8834bf9
|
@ -2404,7 +2404,9 @@ METHOD(ike_sa_t, retransmit, status_t,
|
|||
}
|
||||
case IKE_DELETING:
|
||||
DBG1(DBG_IKE, "proper IKE_SA delete failed, peer not responding");
|
||||
if (has_condition(this, COND_REAUTHENTICATING))
|
||||
if (has_condition(this, COND_REAUTHENTICATING) &&
|
||||
!lib->settings->get_bool(lib->settings,
|
||||
"%s.make_before_break", FALSE, lib->ns))
|
||||
{
|
||||
DBG1(DBG_IKE, "delete during reauthentication failed, "
|
||||
"trying to reestablish IKE_SA anyway");
|
||||
|
|
Loading…
Reference in New Issue