farp: Only remove one tracked entry
authorTobias Brunner <tobias@strongswan.org>
Thu, 6 Jul 2017 12:14:06 +0000 (14:14 +0200)
committerTobias Brunner <tobias@strongswan.org>
Thu, 27 Jul 2017 11:07:23 +0000 (13:07 +0200)
Multiple CHILD_SAs sharing the same traffic selectors (e.g. during
make-before-break reauthentication) also have the same reqid assigned.
If all matching entries are removed we could end up without entry even
though an SA exists that still uses these traffic selectors.

Fixes #2373.

src/libcharon/plugins/farp/farp_listener.c

index e19fc59..28ced54 100644 (file)
@@ -101,6 +101,7 @@ METHOD(listener_t, child_updown, bool,
                                entry->remote->destroy_offset(entry->remote,
                                                                                offsetof(traffic_selector_t, destroy));
                                free(entry);
+                               break;
                        }
                }
                enumerator->destroy(enumerator);