From: Tobias Brunner <tobias@strongswan.org>
Date: Wed, 25 May 2016 12:55:16 +0000 (+0200)
Subject: child-rekey: Don't change state to INSTALLED if it was already REKEYING
X-Git-Tag: 5.5.0dr1~4^2~53
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=5ef033c53b99498f20e44676c65e284e3dfff15b;p=thirdparty%2Fstrongswan.git

child-rekey: Don't change state to INSTALLED if it was already REKEYING

This happens if there is a rekey collision and the peers disagree on the
DH group.
---

diff --git a/src/libcharon/sa/ikev2/tasks/child_rekey.c b/src/libcharon/sa/ikev2/tasks/child_rekey.c
index 57085e8cdc..3ce6834402 100644
--- a/src/libcharon/sa/ikev2/tasks/child_rekey.c
+++ b/src/libcharon/sa/ikev2/tasks/child_rekey.c
@@ -218,6 +218,7 @@ METHOD(task_t, build_r, status_t,
 {
 	child_cfg_t *config;
 	uint32_t reqid;
+	child_sa_state_t state;
 
 	if (!this->child_sa)
 	{
@@ -241,12 +242,13 @@ METHOD(task_t, build_r, status_t,
 	config = this->child_sa->get_config(this->child_sa);
 	this->child_create->set_config(this->child_create, config->get_ref(config));
 	this->child_create->task.build(&this->child_create->task, message);
+
+	state = this->child_sa->get_state(this->child_sa);
 	this->child_sa->set_state(this->child_sa, CHILD_REKEYING);
 
 	if (message->get_payload(message, PLV2_SECURITY_ASSOCIATION) == NULL)
-	{
-		/* rekeying failed, reuse old child */
-		this->child_sa->set_state(this->child_sa, CHILD_INSTALLED);
+	{	/* rekeying failed, reuse old child */
+		this->child_sa->set_state(this->child_sa, state);
 		return SUCCESS;
 	}