From: Tobias Brunner <tobias@strongswan.org>
Date: Tue, 10 Jul 2018 12:36:28 +0000 (+0200)
Subject: ike-rekey: Reset IKE_SA after processing CREATE_CHILD_SA request
X-Git-Tag: 5.9.7dr2~1^2~20
X-Git-Url: http://git.ipfire.org/gitweb/gitweb.cgi?a=commitdiff_plain;h=ba348b47998444098d2c836302384c6fb2ed56a4;p=thirdparty%2Fstrongswan.git

ike-rekey: Reset IKE_SA after processing CREATE_CHILD_SA request

This probably didn't cause any problems, as there wasn't really anything
happening between the calls, but reset it anyway, just to be safe.
---

diff --git a/src/libcharon/sa/ikev2/tasks/ike_rekey.c b/src/libcharon/sa/ikev2/tasks/ike_rekey.c
index 1dc0fd6e8e..2e9732a9e4 100644
--- a/src/libcharon/sa/ikev2/tasks/ike_rekey.c
+++ b/src/libcharon/sa/ikev2/tasks/ike_rekey.c
@@ -1,5 +1,5 @@
 /*
- * Copyright (C) 2015-2016 Tobias Brunner
+ * Copyright (C) 2015-2018 Tobias Brunner
  * Copyright (C) 2005-2008 Martin Willi
  * Copyright (C) 2005 Jan Hutter
  *
@@ -167,7 +167,7 @@ METHOD(task_t, build_i, status_t,
 	ike_version_t version;
 
 	/* create new SA only on first try */
-	if (this->new_sa == NULL)
+	if (!this->new_sa)
 	{
 		version = this->ike_sa->get_version(this->ike_sa);
 		this->new_sa = charon->ike_sa_manager->create_new(
@@ -254,7 +254,7 @@ METHOD(task_t, process_r, status_t,
 	this->new_sa->inherit_pre(this->new_sa, this->ike_sa);
 	this->ike_init = ike_init_create(this->new_sa, FALSE, this->ike_sa);
 	this->ike_init->task.process(&this->ike_init->task, message);
-
+	charon->bus->set_sa(charon->bus, this->ike_sa);
 	return NEED_MORE;
 }
 
@@ -266,12 +266,14 @@ METHOD(task_t, build_r, status_t,
 		message->add_notify(message, TRUE, TEMPORARY_FAILURE, chunk_empty);
 		return SUCCESS;
 	}
-	if (this->new_sa == NULL)
+	if (!this->new_sa)
 	{
 		/* IKE_SA/a CHILD_SA is in an unacceptable state, deny rekeying */
 		message->add_notify(message, TRUE, NO_PROPOSAL_CHOSEN, chunk_empty);
 		return SUCCESS;
 	}
+
+	charon->bus->set_sa(charon->bus, this->new_sa);
 	if (this->ike_init->task.build(&this->ike_init->task, message) == FAILED)
 	{
 		this->ike_init->task.destroy(&this->ike_init->task);
@@ -338,7 +340,7 @@ METHOD(task_t, process_i, status_t,
 			}
 			return SUCCESS;
 		case NEED_MORE:
-			/* bad dh group, try again */
+			/* bad KE method, try again */
 			this->ike_init->task.migrate(&this->ike_init->task, this->new_sa);
 			return NEED_MORE;
 		default: