ikev2: Prevent IKE_SA rekeying if we are currently retrying a CHILD_SA rekey
authorMartin Willi <martin@revosec.ch>
Fri, 21 Nov 2014 11:10:16 +0000 (12:10 +0100)
committerMartin Willi <martin@revosec.ch>
Fri, 21 Nov 2014 11:51:20 +0000 (12:51 +0100)
src/libcharon/sa/ikev2/tasks/ike_rekey.c

index 444ac6a..fdab038 100644 (file)
@@ -163,6 +163,7 @@ METHOD(task_t, process_r, status_t,
                {
                        case CHILD_CREATED:
                        case CHILD_REKEYING:
+                       case CHILD_RETRYING;
                        case CHILD_DELETING:
                                /* we do not allow rekeying while we have children in-progress */
                                DBG1(DBG_IKE, "peer initiated rekeying, but a child is half-open");