ims-volte-vowifi
/
strongswan
9
0
Fork 0
Code Pull Requests Releases Activity

child-rekey: Suppress updown event when deleting redundant CHILD_SAs 

When handling a rekey collision we might have to delete an already
installed redundant CHILD_SA (or expect the other peer to do so).
We don't want to trigger updown events for these as neither do we do
so for successfully rekeyed CHILD_SAs.

Fixes #853.
This commit is contained in:
Tobias Brunner 2015-12-15 17:15:32 +01:00
parent 4cfcbe97a4
commit 7f2a20a4f4
1 changed files with 10 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
src/libcharon/sa/ikev2/tasks/child_rekey.c
View File

@ -279,11 +279,15 @@ static child_sa_t *handle_collision(private_child_rekey_t *this)
/* don't touch child other created, it has already been deleted */
if (!this->other_child_destroyed)
{
/* disable close action for the redundand child */
/* disable close action and updown event for redundant child */
child_sa = other->child_create->get_child(other->child_create);
if (child_sa)
{
child_sa->set_close_action(child_sa, ACTION_NONE);
if (child_sa->get_state(child_sa) != CHILD_REKEYING)
{
child_sa->set_state(child_sa, CHILD_REKEYING);
}
}
}
}
@ -372,6 +376,11 @@ METHOD(task_t, process_i, status_t,
{
return SUCCESS;
}
/* disable updown event for redundant CHILD_SA */
if (to_delete->get_state(to_delete) != CHILD_REKEYING)
{
to_delete->set_state(to_delete, CHILD_REKEYING);
}
spi = to_delete->get_spi(to_delete, TRUE);
protocol = to_delete->get_protocol(to_delete);