child-rekey: Don't change state to INSTALLED if it was already REKEYING
authorTobias Brunner <tobias@strongswan.org>
Wed, 25 May 2016 12:55:16 +0000 (14:55 +0200)
committerTobias Brunner <tobias@strongswan.org>
Fri, 17 Jun 2016 16:48:03 +0000 (18:48 +0200)
This happens if there is a rekey collision and the peers disagree on the
DH group.

src/libcharon/sa/ikev2/tasks/child_rekey.c

index 57085e8..3ce6834 100644 (file)
@@ -218,6 +218,7 @@ METHOD(task_t, build_r, status_t,
 {
        child_cfg_t *config;
        uint32_t reqid;
+       child_sa_state_t state;
 
        if (!this->child_sa)
        {
@@ -241,12 +242,13 @@ METHOD(task_t, build_r, status_t,
        config = this->child_sa->get_config(this->child_sa);
        this->child_create->set_config(this->child_create, config->get_ref(config));
        this->child_create->task.build(&this->child_create->task, message);
+
+       state = this->child_sa->get_state(this->child_sa);
        this->child_sa->set_state(this->child_sa, CHILD_REKEYING);
 
        if (message->get_payload(message, PLV2_SECURITY_ASSOCIATION) == NULL)
-       {
-               /* rekeying failed, reuse old child */
-               this->child_sa->set_state(this->child_sa, CHILD_INSTALLED);
+       {       /* rekeying failed, reuse old child */
+               this->child_sa->set_state(this->child_sa, state);
                return SUCCESS;
        }