]> git.ipfire.org Git - thirdparty/strongswan.git/commit
projects / thirdparty / strongswan.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: e4b7b48) | patch
ikev1: Delay a potential delete for a duplicate IKE_SA having a replace policy
authorMartin Willi <martin@revosec.ch>
Wed, 18 Sep 2013 11:56:45 +0000 (13:56 +0200)
committerMartin Willi <martin@revosec.ch>
Mon, 30 Sep 2013 11:51:11 +0000 (13:51 +0200)
commitee99f37eccb08474b53eebb81761c038bf46c458
tree35a14ed7efca0fd923ec164c5fa3e94226128ffatree
parente4b7b48c1ec0b1e78db995892d73a64240e87010commit | diff
ikev1: Delay a potential delete for a duplicate IKE_SA having a replace policy

Sending a DELETE for the replaced SA immediately is problematic during
reauthentication, as the peer might have associated the Quick Modes to the
old SA, and also delete them.

With this change the delete for the old ISAKMP SA is usually omitted, as it
is gets implicitly deleted by the reauth.
src/libcharon/sa/ike_sa_manager.c diff | blob | blame | history
Unnamed repository; edit this file 'description' to name the repository.