From: Martin Willi <martin@revosec.ch>
Date: Tue, 7 Dec 2010 10:41:41 +0000 (+0100)
Subject: Never register IKE_SA during checkout_new, as rekeying keeps it checked out
X-Git-Tag: 4.5.1~403
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=86993d6b90378bc839969d19ba3052fcdd62d432;p=thirdparty%2Fstrongswan.git

Never register IKE_SA during checkout_new, as rekeying keeps it checked out
---

diff --git a/src/libcharon/sa/ike_sa_manager.c b/src/libcharon/sa/ike_sa_manager.c
index 31f14f0d49..9a3c3ce8d3 100644
--- a/src/libcharon/sa/ike_sa_manager.c
+++ b/src/libcharon/sa/ike_sa_manager.c
@@ -914,8 +914,6 @@ static ike_sa_t *checkout_new(private_ike_sa_manager_t* this, bool initiator)
 {
 	ike_sa_id_t *ike_sa_id;
 	ike_sa_t *ike_sa;
-	entry_t *entry;
-	u_int segment;
 
 	if (initiator)
 	{
@@ -926,23 +924,12 @@ static ike_sa_t *checkout_new(private_ike_sa_manager_t* this, bool initiator)
 		ike_sa_id = ike_sa_id_create(0, get_next_spi(this), FALSE);
 	}
 	ike_sa = ike_sa_create(ike_sa_id);
+	ike_sa_id->destroy(ike_sa_id);
 
 	DBG2(DBG_MGR, "created IKE_SA %s[%u]", ike_sa->get_name(ike_sa),
 			ike_sa->get_unique_id(ike_sa));
 
-	if (!initiator)
-	{
-		ike_sa_id->destroy(ike_sa_id);
-		return ike_sa;
-	}
-
-	entry = entry_create();
-	entry->ike_sa_id = ike_sa_id;
-	entry->ike_sa = ike_sa;
-	segment = put_entry(this, entry);
-	entry->checked_out = TRUE;
-	unlock_single_segment(this, segment);
-	return entry->ike_sa;
+	return ike_sa;
 }
 
 /**
diff --git a/src/libcharon/sa/ike_sa_manager.h b/src/libcharon/sa/ike_sa_manager.h
index f4eabf8080..115e8d3377 100644
--- a/src/libcharon/sa/ike_sa_manager.h
+++ b/src/libcharon/sa/ike_sa_manager.h
@@ -52,9 +52,6 @@ struct ike_sa_manager_t {
 	/**
 	 * Create and check out a new IKE_SA.
 	 *
-	 * @note If initiator equals FALSE, the returned IKE_SA is not registered
-	 * in the manager.
-	 *
 	 * @param initiator			TRUE for initiator, FALSE otherwise
 	 * @returns 				created and checked out IKE_SA
 	 */