Don't queue delete_ike_sa job when setting IKE_DELETING.

This avoids deleting IKE_SAs during reauthentication (without
trying to reestablish them).

diff --git a/src/libcharon/sa/ike_sa.c b/src/libcharon/sa/ike_sa.c
index fc69ecb223b3545f9e9ca365f00cdf5567a68816..926e2d14cc4452e5302dd14b242390ae2fc7848c 100644 (file)
--- a/src/libcharon/sa/ike_sa.c
+++ b/src/libcharon/sa/ike_sa.c
@@ -678,14 +678,6 @@ METHOD(ike_sa_t, set_state, void,
                        }
                        break;
                }
-               case IKE_DELETING:
-               {
-                       /* delete may fail if a packet gets lost, so set a timeout */
-                       job_t *job = (job_t*)delete_ike_sa_job_create(this->ike_sa_id, TRUE);
-                       lib->scheduler->schedule_job(lib->scheduler, job,
-                                                                                HALF_OPEN_IKE_SA_TIMEOUT);
-                       break;
-               }
                default:
                        break;
        }

diff --git a/src/libcharon/sa/ikev2/tasks/ike_delete.c b/src/libcharon/sa/ikev2/tasks/ike_delete.c
index 29ac87258a8e6b3cd24db62bd69d788dc2b84778..f127b0c150ae23087ef91eef54edba1a2a8e0de2 100644 (file)
--- a/src/libcharon/sa/ikev2/tasks/ike_delete.c
+++ b/src/libcharon/sa/ikev2/tasks/ike_delete.c
@@ -135,7 +135,7 @@ METHOD(task_t, build_r, status_t,
 
        if (this->simultaneous)
        {
-               /* wait for peer's response for our delete request, but set a timeout */
+               /* wait for peer's response for our delete request */
                return SUCCESS;
        }
        if (!this->rekeyed)