]> git.ipfire.org Git - thirdparty/strongswan.git/commitdiff
projects / thirdparty / strongswan.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 736ac65)
child-create: Don't reset DH group when retrying after INVALID_KE_PAYLOAD
authorTobias Brunner <tobias@strongswan.org>
Fri, 5 Jun 2020 14:41:23 +0000 (16:41 +0200)
committerTobias Brunner <tobias@strongswan.org>
Fri, 5 Jun 2020 14:41:23 +0000 (16:41 +0200)
migrate() is called before retrying.

Fixes: 0184a69b7b14 ("child-create: Properly handle DH group during
migration when reestablishing")

src/libcharon/sa/ikev2/tasks/child_create.c patch | blob | blame | history

diff --git a/src/libcharon/sa/ikev2/tasks/child_create.c b/src/libcharon/sa/ikev2/tasks/child_create.c
index 278d09a6068fea8c29858a09bc1261e0938cdeb3..2b9e68d3bf6ea0fd57a2e9832e06165380c648d0 100644 (file)
--- a/src/libcharon/sa/ikev2/tasks/child_create.c
+++ b/src/libcharon/sa/ikev2/tasks/child_create.c
@@ -1853,7 +1853,7 @@ METHOD(task_t, migrate, void,
        {
                this->proposals->destroy_offset(this->proposals, offsetof(proposal_t, destroy));
        }
-       if (!this->rekey)
+       if (!this->rekey && !this->retry)
        {
                this->dh_group = MODP_NONE;
        }
Unnamed repository; edit this file 'description' to name the repository.