git.ipfire.org Git - thirdparty/strongswan.git/commit

author	Tobias Brunner <tobias@strongswan.org>
	Fri, 26 Aug 2022 15:29:00 +0000 (17:29 +0200)
committer	Tobias Brunner <tobias@strongswan.org>
	Tue, 20 Sep 2022 08:03:02 +0000 (10:03 +0200)
commit	69995ed2c42be0dbb52a61b906ec63b9bbd1099f
tree	3fb327a1575a796aec31aab2bf264451ed8fd767	tree \| snapshot
parent	48e9267d7a0d961647114add028438d544447772	commit \| diff

ike-sa: Always set ike_cfg_t when setting peer_cfg_t

This is more consistent and e.g. allows to properly take into account
some settings that are also relevant during IKE_AUTH (e.g. childless).

We also already use the peer_cfg_t's ike_cfg_t when rekeying,
reauthenticating and reestablishing an IKE_SA (and e.g. for DSCP).

Also changed are some IKEv1 cases where get_ike_cfg() is called before
set_peer_cfg() without taking a reference to the ike_cfg_t that might
get replaced/destroyed (none of the cases were problematic, though, but
it also wasn't necessary to keep the ike_cfg_t around).

Closes strongswan/strongswan#1238

src/libcharon/sa/ike_sa.c		diff \| blob \| blame \| history
src/libcharon/sa/ikev1/tasks/aggressive_mode.c		diff \| blob \| blame \| history
src/libcharon/sa/ikev1/tasks/main_mode.c		diff \| blob \| blame \| history