From cdab8630d975caa1d471faf24adea67540b376ab Mon Sep 17 00:00:00 2001
From: Martin Willi <martin@revosec.ch>
Date: Thu, 20 Jun 2013 16:12:14 +0200
Subject: [PATCH] ikev2: Allocate SPI with the protocol of the first/negotiated
 proposal

---
 src/libcharon/sa/ikev2/tasks/child_create.c | 18 ++++++++++++++++--
 1 file changed, 16 insertions(+), 2 deletions(-)

diff --git a/src/libcharon/sa/ikev2/tasks/child_create.c b/src/libcharon/sa/ikev2/tasks/child_create.c
index 8ae36af84a..7cfa537a98 100644
--- a/src/libcharon/sa/ikev2/tasks/child_create.c
+++ b/src/libcharon/sa/ikev2/tasks/child_create.c
@@ -244,9 +244,23 @@ static bool allocate_spi(private_child_create_t *this)
 {
 	enumerator_t *enumerator;
 	proposal_t *proposal;
+	protocol_id_t proto = PROTO_ESP;
 
-	/* TODO: allocate additional SPI for AH if we have such proposals */
-	this->my_spi = this->child_sa->alloc_spi(this->child_sa, PROTO_ESP);
+	if (this->initiator)
+	{
+		/* we just get a SPI for the first protocol. TODO: If we ever support
+		 * proposal lists with mixed protocols, we'd need multiple SPIs */
+		if (this->proposals->get_first(this->proposals,
+									   (void**)&proposal) == SUCCESS)
+		{
+			proto = proposal->get_protocol(proposal);
+		}
+	}
+	else
+	{
+		proto = this->proposal->get_protocol(this->proposal);
+	}
+	this->my_spi = this->child_sa->alloc_spi(this->child_sa, proto);
 	if (this->my_spi)
 	{
 		if (this->initiator)
-- 
2.47.2