child-sa: Introduce a CHILD_RETRYING state to detect DH group retries
authorMartin Willi <martin@revosec.ch>
Mon, 3 Nov 2014 08:38:27 +0000 (09:38 +0100)
committerMartin Willi <martin@revosec.ch>
Fri, 21 Nov 2014 11:51:19 +0000 (12:51 +0100)
src/libcharon/sa/child_sa.c
src/libcharon/sa/child_sa.h
src/libcharon/sa/ikev2/tasks/child_create.c

index a96ab4e..66be5fe 100644 (file)
@@ -34,6 +34,7 @@ ENUM(child_sa_state_names, CHILD_CREATED, CHILD_DESTROYING,
        "INSTALLED",
        "UPDATING",
        "REKEYING",
+       "RETRYING",
        "DELETING",
        "DESTROYING",
 );
index a0c6c35..30a0edf 100644 (file)
@@ -68,6 +68,11 @@ enum child_sa_state_t {
        CHILD_REKEYING,
 
        /**
+        * CHILD_SA negotiation failed, but gets retried
+        */
+       CHILD_RETRYING,
+
+       /**
         * CHILD_SA in progress of delete
         */
        CHILD_DELETING,
index a1f01c2..e7a9148 100644 (file)
@@ -1408,6 +1408,7 @@ METHOD(task_t, process_i, status_t,
                                                 this->dh_group, diffie_hellman_group_names, group);
                                        this->retry = TRUE;
                                        this->dh_group = group;
+                                       this->child_sa->set_state(this->child_sa, CHILD_RETRYING);
                                        this->public.task.migrate(&this->public.task, this->ike_sa);
                                        enumerator->destroy(enumerator);
                                        return NEED_MORE;