From: Martin Willi <martin@revosec.ch>
Date: Thu, 20 Jun 2013 14:13:35 +0000 (+0200)
Subject: child-sa: Save protocol during SPI allocation
X-Git-Tag: 5.1.1rc1~48^2~18
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=21b096f3b8a013f58d3d9d1691aeb408854c4cb5;p=thirdparty%2Fstrongswan.git

child-sa: Save protocol during SPI allocation

This allows us to properly delete the incomplete SA with the correct protocol
should negotiation fail.
---

diff --git a/src/libcharon/sa/child_sa.c b/src/libcharon/sa/child_sa.c
index 46e4b6f7ba..9bd0c05adb 100644
--- a/src/libcharon/sa/child_sa.c
+++ b/src/libcharon/sa/child_sa.c
@@ -594,6 +594,9 @@ METHOD(child_sa_t, alloc_spi, u_int32_t,
 										 proto_ike2ip(protocol), this->reqid,
 										 &this->my_spi) == SUCCESS)
 	{
+		/* if we allocate a SPI, but then are unable to establish the SA, we
+		 * need to know the protocol family to delete the partial SA */
+		this->protocol = protocol;
 		return this->my_spi;
 	}
 	return 0;
@@ -1039,12 +1042,6 @@ METHOD(child_sa_t, destroy, void,
 	/* delete SAs in the kernel, if they are set up */
 	if (this->my_spi)
 	{
-		/* if CHILD was not established, use PROTO_ESP used during alloc_spi().
-		 * TODO: For AH support, we have to store protocol specific SPI.s */
-		if (this->protocol == PROTO_NONE)
-		{
-			this->protocol = PROTO_ESP;
-		}
 		hydra->kernel_interface->del_sa(hydra->kernel_interface,
 					this->other_addr, this->my_addr, this->my_spi,
 					proto_ike2ip(this->protocol), this->my_cpi,