Set sp_id to reqid when creating ESA
authorAdrian-Ken Rueegsegger <ken@codelabs.ch>
Mon, 17 Dec 2012 16:21:47 +0000 (17:21 +0100)
committerTobias Brunner <tobias@strongswan.org>
Tue, 19 Mar 2013 14:23:49 +0000 (15:23 +0100)
The reqid corresponds to the sp_id (security policy id) on the TKM side.

src/charon-tkm/src/tkm/tkm_kernel_ipsec.c

index 623942b..d60b8e5 100644 (file)
@@ -134,7 +134,7 @@ METHOD(kernel_ipsec_t, add_sa, status_t,
         */
        if (nonce_loc_id == 0 && esa.dh_id == 0)
        {
-               if (ike_esa_create_first(esa_id, esa.isa_id, 1, 1, ntohl(spi_loc),
+               if (ike_esa_create_first(esa_id, esa.isa_id, reqid, 1, ntohl(spi_loc),
                                                                 ntohl(spi_rem)) != TKM_OK)
                {
                        DBG1(DBG_KNL, "child SA (%llu, first) creation failed", esa_id);
@@ -146,7 +146,7 @@ METHOD(kernel_ipsec_t, add_sa, status_t,
        {
                nonce_type nc_rem;
                chunk_to_sequence(nonce_rem, &nc_rem, sizeof(nonce_type));
-               if (ike_esa_create_no_pfs(esa_id, esa.isa_id, 1, 1, nonce_loc_id,
+               if (ike_esa_create_no_pfs(esa_id, esa.isa_id, reqid, 1, nonce_loc_id,
                                                                  nc_rem, initiator, ntohl(spi_loc),
                                                                  ntohl(spi_rem)) != TKM_OK)
                {
@@ -160,7 +160,7 @@ METHOD(kernel_ipsec_t, add_sa, status_t,
        {
                nonce_type nc_rem;
                chunk_to_sequence(nonce_rem, &nc_rem, sizeof(nonce_type));
-               if (ike_esa_create(esa_id, esa.isa_id, 1, 1, esa.dh_id, nonce_loc_id,
+               if (ike_esa_create(esa_id, esa.isa_id, reqid, 1, esa.dh_id, nonce_loc_id,
                                                   nc_rem, initiator, ntohl(spi_loc),
                                                   ntohl(spi_rem)) != TKM_OK)
                {