child-rekey: Uninstall old outbound SA earlier on initiator/winner
authorTobias Brunner <tobias@strongswan.org>
Fri, 26 Nov 2021 10:32:46 +0000 (11:32 +0100)
committerTobias Brunner <tobias@strongswan.org>
Wed, 1 Dec 2021 10:00:40 +0000 (11:00 +0100)
commitdcaf9b38f3c6bdbea56b7a88c894ed29639c606b
tree37b0d60299242430e6a261c24fcc612af465520f
parente9ba195910b7300551b79f90d870fa0f77d73fa9
child-rekey: Uninstall old outbound SA earlier on initiator/winner

This is useful for kernel implementations where the ordering of SAs
is unpredictable and the new SA might otherwise not be used until the
DELETE response has been received, which is not ideal as the responder
might not keep the old SA around that long.  On Linux, it makes no
difference as we switch to the new outbound SA immediately because the
updated outbound policy references its SPI.
src/libcharon/sa/ikev2/tasks/child_delete.c
src/libcharon/sa/ikev2/tasks/child_rekey.c
src/libcharon/tests/suites/test_child_rekey.c