From: Tobias Brunner <tobias@strongswan.org>
Date: Fri, 28 Mar 2025 14:50:53 +0000 (+0100)
Subject: ike-sa: Remove redundant setting of IKE_SA conditions after a rekeying
X-Git-Tag: 6.0.2dr1~46
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=8679d91c8179d1da641c15b019b540a61df42adc;p=thirdparty%2Fstrongswan.git

ike-sa: Remove redundant setting of IKE_SA conditions after a rekeying

This was originally added with b0e40caafbd7 ("NAT-T conditions were not
inherited during IKE_SA rekeying") in 2008 when there was only a single
inherit() method.  Later the inherit_pre() method was added and then
with 094963d1b160 ("ikev2: Apply extensions and conditions before
starting rekeying") in 2014 the extensions and conditions were set
already there.
---

diff --git a/src/libcharon/sa/ike_sa.c b/src/libcharon/sa/ike_sa.c
index 87de1cc84d..77e5721825 100644
--- a/src/libcharon/sa/ike_sa.c
+++ b/src/libcharon/sa/ike_sa.c
@@ -3005,8 +3005,6 @@ METHOD(ike_sa_t, inherit_post, void,
 		array_insert(this->attributes, ARRAY_TAIL, &entry);
 	}
 
-	/* inherit all conditions */
-	this->conditions = other->conditions;
 	if (this->conditions & COND_NAT_HERE)
 	{
 		send_keepalive(this, FALSE);