From: Tobias Brunner <tobias@strongswan.org>
Date: Tue, 25 Feb 2025 11:14:12 +0000 (+0100)
Subject: ike-sa: Fix check for make-before-break when handling DELETE failure
X-Git-Tag: 6.0.1rc1~7
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=660e06b048f76335dfe76501ec9e6d49c71691e8;p=thirdparty%2Fstrongswan.git

ike-sa: Fix check for make-before-break when handling DELETE failure

Fixes: a5e80cf5e451 ("libcharon: Enable make_before_break option by default")
---

diff --git a/src/libcharon/sa/ike_sa.c b/src/libcharon/sa/ike_sa.c
index 4a88e7ee55..a14e9ab3b4 100644
--- a/src/libcharon/sa/ike_sa.c
+++ b/src/libcharon/sa/ike_sa.c
@@ -2534,7 +2534,7 @@ METHOD(ike_sa_t, retransmit, status_t,
 			DBG1(DBG_IKE, "proper IKE_SA delete failed, peer not responding");
 			if (has_condition(this, COND_REAUTHENTICATING) &&
 				!lib->settings->get_bool(lib->settings,
-									"%s.make_before_break", FALSE, lib->ns))
+									"%s.make_before_break", TRUE, lib->ns))
 			{
 				DBG1(DBG_IKE, "delete during reauthentication failed, "
 					 "trying to reestablish IKE_SA anyway");