ike: reuse the reqid of an installed trap having the same config

When we have a trap installed, but a CHILD_SA gets established for the same
config from the peer, we should reuse the same reqid. Otherwise we would have
two identical policies using different reqids, what we can't handle in our
kernel backend.

diff --git a/src/libcharon/sa/child_sa.c b/src/libcharon/sa/child_sa.c
index f50e32ff1ad7444a430452a65b6f7df773b7936d..1069b2d91333b7e17e1ee2be34a47cc00a85e74f 100644 (file)
--- a/src/libcharon/sa/child_sa.c
+++ b/src/libcharon/sa/child_sa.c
@@ -1149,7 +1149,11 @@ child_sa_t * child_sa_create(host_t *me, host_t* other,
                }
                else
                {
-                       this->reqid = ref_get(&reqid);
+                       this->reqid = charon->traps->find_reqid(charon->traps, config);
+                       if (!this->reqid)
+                       {
+                               this->reqid = ref_get(&reqid);
+                       }
                }
        }