Never register IKE_SA during checkout_new, as rekeying keeps it checked out
authorMartin Willi <martin@revosec.ch>
Tue, 7 Dec 2010 10:41:41 +0000 (11:41 +0100)
committerMartin Willi <martin@revosec.ch>
Tue, 7 Dec 2010 15:30:38 +0000 (16:30 +0100)
src/libcharon/sa/ike_sa_manager.c
src/libcharon/sa/ike_sa_manager.h

index 31f14f0..9a3c3ce 100644 (file)
@@ -914,8 +914,6 @@ static ike_sa_t *checkout_new(private_ike_sa_manager_t* this, bool initiator)
 {
        ike_sa_id_t *ike_sa_id;
        ike_sa_t *ike_sa;
-       entry_t *entry;
-       u_int segment;
 
        if (initiator)
        {
@@ -926,23 +924,12 @@ static ike_sa_t *checkout_new(private_ike_sa_manager_t* this, bool initiator)
                ike_sa_id = ike_sa_id_create(0, get_next_spi(this), FALSE);
        }
        ike_sa = ike_sa_create(ike_sa_id);
+       ike_sa_id->destroy(ike_sa_id);
 
        DBG2(DBG_MGR, "created IKE_SA %s[%u]", ike_sa->get_name(ike_sa),
                        ike_sa->get_unique_id(ike_sa));
 
-       if (!initiator)
-       {
-               ike_sa_id->destroy(ike_sa_id);
-               return ike_sa;
-       }
-
-       entry = entry_create();
-       entry->ike_sa_id = ike_sa_id;
-       entry->ike_sa = ike_sa;
-       segment = put_entry(this, entry);
-       entry->checked_out = TRUE;
-       unlock_single_segment(this, segment);
-       return entry->ike_sa;
+       return ike_sa;
 }
 
 /**
index f4eabf8..115e8d3 100644 (file)
@@ -52,9 +52,6 @@ struct ike_sa_manager_t {
        /**
         * Create and check out a new IKE_SA.
         *
-        * @note If initiator equals FALSE, the returned IKE_SA is not registered
-        * in the manager.
-        *
         * @param initiator                     TRUE for initiator, FALSE otherwise
         * @returns                             created and checked out IKE_SA
         */