Call Esa_Select after creation of child SA
authorAdrian-Ken Rueegsegger <ken@codelabs.ch>
Mon, 12 Nov 2012 18:05:28 +0000 (19:05 +0100)
committerTobias Brunner <tobias@strongswan.org>
Tue, 19 Mar 2013 14:23:49 +0000 (15:23 +0100)
This tells the TKM which child SA is the currently active SA.

src/charon-tkm/src/tkm/tkm_kernel_ipsec.c

index 4e813a0..623942b 100644 (file)
@@ -169,6 +169,16 @@ METHOD(kernel_ipsec_t, add_sa, status_t,
                }
                tkm->idmgr->release_id(tkm->idmgr, TKM_CTX_NONCE, nonce_loc_id);
        }
+       if (ike_esa_select(esa_id) != TKM_OK)
+       {
+               DBG1(DBG_KNL, "error selecting new child SA (%llu)", esa_id);
+               if (ike_esa_reset(esa_id) != TKM_OK)
+               {
+                       DBG1(DBG_KNL, "child SA (%llu) deletion failed", esa_id);
+               }
+               goto failure;
+       }
+
        DBG1(DBG_KNL, "added child SA (esa: %llu, isa: %llu, esp_spi_loc: %x, "
                 "esp_spi_rem: %x, role: %s)", esa_id, esa.isa_id, ntohl(spi_loc),
                 ntohl(spi_rem), initiator ? "initiator" : "responder");