]> git.ipfire.org Git - thirdparty/strongswan.git/commit
projects / thirdparty / strongswan.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: db57f57) | patch
ikev1: Always enable charon.reuse_ikesa
authorTobias Brunner <tobias@strongswan.org>
Fri, 18 Dec 2015 14:23:30 +0000 (15:23 +0100)
committerTobias Brunner <tobias@strongswan.org>
Mon, 1 Feb 2016 10:37:41 +0000 (11:37 +0100)
commit24ab8530e5e6ec209aff5292026b7d1e84d5ccab
tree49d552d906b46dc6525ceaee3622f690f5cb729dtree | snapshot
parentdb57f5702b62adadf4fd28c4c3a8d556a9692713commit | diff
ikev1: Always enable charon.reuse_ikesa

With IKEv1 we have to reuse IKE_SAs as otherwise the responder might
detect the new SA as reauthentication and will "adopt" the CHILD_SAs of
the original IKE_SA, while the initiator will not do so.  This could
cause CHILD_SA rekeying to fail later.

Fixes #1236.
conf/options/charon.opt diff | blob | blame | history
src/libcharon/sa/ike_sa_manager.c diff | blob | blame | history
Unnamed repository; edit this file 'description' to name the repository.