Reuse reqid of an existing Quick Mode, even if it has been rekeyed
authorMartin Willi <martin@revosec.ch>
Wed, 3 Apr 2013 13:56:26 +0000 (15:56 +0200)
committerMartin Willi <martin@revosec.ch>
Wed, 3 Apr 2013 13:56:26 +0000 (15:56 +0200)
If two peers rekey Quick Modes at the same time, the original Quick Mode is
in REKEYING state and hence the requid is not reused. This is required though,
as two identical policies won't work if they have different requids.

src/libcharon/sa/ikev1/tasks/quick_mode.c

index afdff8c..bb50ca9 100644 (file)
@@ -925,7 +925,8 @@ static void check_for_rekeyed_child(private_quick_mode_t *this)
        enumerator = this->ike_sa->create_child_sa_enumerator(this->ike_sa);
        while (this->reqid == 0 && enumerator->enumerate(enumerator, &child_sa))
        {
-               if (child_sa->get_state(child_sa) == CHILD_INSTALLED &&
+               if ((child_sa->get_state(child_sa) == CHILD_INSTALLED ||
+                        child_sa->get_state(child_sa) == CHILD_REKEYING) &&
                        streq(child_sa->get_name(child_sa),
                                  this->config->get_name(this->config)))
                {