From 5c6a62ceb6657047d4e6e2857f634145c4b7caa8 Mon Sep 17 00:00:00 2001 From: Tobias Brunner Date: Wed, 11 Mar 2015 15:48:51 +0100 Subject: [PATCH] ikev1: Mark rekeyed CHILD_SAs as INSTALLED Since we keep them around until they finally expire they otherwise would block IKE_SA rekeying/reauthentication. --- src/libcharon/sa/ikev1/tasks/quick_mode.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/src/libcharon/sa/ikev1/tasks/quick_mode.c b/src/libcharon/sa/ikev1/tasks/quick_mode.c index 828b166d0..4b5b0160a 100644 --- a/src/libcharon/sa/ikev1/tasks/quick_mode.c +++ b/src/libcharon/sa/ikev1/tasks/quick_mode.c @@ -401,6 +401,8 @@ static bool install(private_quick_mode_t *this) if (old) { charon->bus->child_rekey(charon->bus, old, this->child_sa); + /* rekeyed CHILD_SAs stay installed until they expire */ + old->set_state(old, CHILD_INSTALLED); } else {