ike-sa: Correctly maintain allocated reqid when recreating CHILD_SA

Maintaining the reqid when recreating a CHILD_SA from scratch night not
strictly be necessary as we usually don't have to replace any temporary
states in the kernel.  However, there could be concurrent acquires that
might actually make it necessary (we use the reqid to keep track of
acquires and it's also part of the duplicate check).

diff --git a/src/libcharon/sa/ike_sa.c b/src/libcharon/sa/ike_sa.c
index 6b0e72da326377a0689fa6ae9d064b55805fb1e4..654508e4b31f6479065fb02db1d4965840c8286d 100644 (file)
--- a/src/libcharon/sa/ike_sa.c
+++ b/src/libcharon/sa/ike_sa.c
@@ -2067,7 +2067,7 @@ static status_t reestablish_children(private_ike_sa_t *this, ike_sa_t *new,
                if (action & ACTION_START)
                {
                        child_init_args_t args = {
-                               .reqid = child_sa->get_reqid(child_sa),
+                               .reqid = child_sa->get_reqid_ref(child_sa),
                                .label = child_sa->get_label(child_sa),
                        };
                        child_cfg = child_sa->get_config(child_sa);
@@ -2076,6 +2076,10 @@ static status_t reestablish_children(private_ike_sa_t *this, ike_sa_t *new,
                        other->task_manager->queue_child(other->task_manager,
                                                                                         child_cfg->get_ref(child_cfg),
                                                                                         &args);
+                       if (args.reqid)
+                       {
+                               charon->kernel->release_reqid(charon->kernel, args.reqid);
+                       }
                }
        }
        enumerator->destroy(enumerator);