child-rekey: Don't add a REKEY_SA notify if the child-create task is deleting the SA

diff --git a/src/libcharon/sa/ikev2/tasks/child_rekey.c b/src/libcharon/sa/ikev2/tasks/child_rekey.c
index 4dc9aaf33ecabe4ff348bf81b9ced288ab5ceb0d..c7a8a1342c354d1219a888bf2aa619a76838fce3 100644 (file)
--- a/src/libcharon/sa/ikev2/tasks/child_rekey.c
+++ b/src/libcharon/sa/ikev2/tasks/child_rekey.c
@@ -170,13 +170,8 @@ METHOD(task_t, build_i, status_t,
        }
        config = this->child_sa->get_config(this->child_sa);
 
-       /* we just need the rekey notify ... */
-       notify = notify_payload_create_from_protocol_and_type(PLV2_NOTIFY,
-                                                                                                       this->protocol, REKEY_SA);
-       notify->set_spi(notify, this->spi);
-       message->add_payload(message, (payload_t*)notify);
 
-       /* ... our CHILD_CREATE task does the hard work for us. */
+       /* our CHILD_CREATE task does the hard work for us */
        if (!this->child_create)
        {
                this->child_create = child_create_create(this->ike_sa,
@@ -194,6 +189,14 @@ METHOD(task_t, build_i, status_t,
                schedule_delayed_rekey(this);
                return FAILED;
        }
+       if (message->get_exchange_type(message) == CREATE_CHILD_SA)
+       {
+               /* don't add the notify if the CHILD_CREATE task changed the exchange */
+               notify = notify_payload_create_from_protocol_and_type(PLV2_NOTIFY,
+                                                                                                       this->protocol, REKEY_SA);
+               notify->set_spi(notify, this->spi);
+               message->add_payload(message, (payload_t*)notify);
+       }
        this->child_sa->set_state(this->child_sa, CHILD_REKEYING);
 
        return NEED_MORE;