starter: Don't ignore keyingtries with rekey=no
authorTobias Brunner <tobias@strongswan.org>
Thu, 26 Sep 2013 08:15:03 +0000 (10:15 +0200)
committerTobias Brunner <tobias@strongswan.org>
Thu, 26 Sep 2013 08:17:48 +0000 (10:17 +0200)
Since keyingtries also affects the number of retries initially or when
reestablishing an SA it should not be affected by the rekey option.

Fixes #418.

src/starter/starterstroke.c

index f454193..bf7e028 100644 (file)
@@ -176,9 +176,10 @@ int starter_stroke_add_conn(starter_config_t *cfg, starter_conn_t *conn)
                msg.add_conn.rekey.margin_bytes = conn->sa_ipsec_margin_bytes;
                msg.add_conn.rekey.life_packets = conn->sa_ipsec_life_packets;
                msg.add_conn.rekey.margin_packets = conn->sa_ipsec_margin_packets;
-               msg.add_conn.rekey.tries = conn->sa_keying_tries;
                msg.add_conn.rekey.fuzz = conn->sa_rekey_fuzz;
        }
+       msg.add_conn.rekey.tries = conn->sa_keying_tries;
+
        msg.add_conn.mobike = conn->options & SA_OPTION_MOBIKE;
        msg.add_conn.force_encap = conn->options & SA_OPTION_FORCE_ENCAP;
        msg.add_conn.fragmentation = conn->fragmentation;