From: Martin Willi <martin@revosec.ch>
Date: Tue, 25 Jun 2013 12:03:51 +0000 (+0200)
Subject: ikev2: keep the CHILD_SA we delete as initiator in the list to destroy
X-Git-Tag: 5.1.0dr1~33
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=a65024264379bacc2733282f2b59b8c14e3897c0;p=thirdparty%2Fstrongswan.git

ikev2: keep the CHILD_SA we delete as initiator in the list to destroy

If the responder not correctly send the correct protocol or SPI in the delete
response, we should remove the CHILD_SA regardless.
---

diff --git a/src/libcharon/sa/ikev2/tasks/child_delete.c b/src/libcharon/sa/ikev2/tasks/child_delete.c
index 8652942ad6..9e53d037e7 100644
--- a/src/libcharon/sa/ikev2/tasks/child_delete.c
+++ b/src/libcharon/sa/ikev2/tasks/child_delete.c
@@ -177,8 +177,11 @@ static void process_payloads(private_child_delete_t *this, message_t *message)
 					default:
 						break;
 				}
-
-				this->child_sas->insert_last(this->child_sas, child_sa);
+				if (this->child_sas->find_first(this->child_sas, NULL,
+												(void**)&child_sa) != SUCCESS)
+				{
+					this->child_sas->insert_last(this->child_sas, child_sa);
+				}
 			}
 			spis->destroy(spis);
 		}
@@ -310,10 +313,6 @@ METHOD(task_t, build_i, status_t,
 METHOD(task_t, process_i, status_t,
 	private_child_delete_t *this, message_t *message)
 {
-	/* flush the list before adding new SAs */
-	this->child_sas->destroy(this->child_sas);
-	this->child_sas = linked_list_create();
-
 	process_payloads(this, message);
 	DBG1(DBG_IKE, "CHILD_SA closed");
 	return destroy_and_reestablish(this);