From c2a4c8e38a2786013e89b7bd183f6518c6aceb5a Mon Sep 17 00:00:00 2001 From: Tobias Brunner Date: Mon, 2 Oct 2023 16:21:28 +0200 Subject: [PATCH] ike-sa: Correctly maintain allocated reqid when recreating CHILD_SA Maintaining the reqid when recreating a CHILD_SA from scratch night not strictly be necessary as we usually don't have to replace any temporary states in the kernel. However, there could be concurrent acquires that might actually make it necessary (we use the reqid to keep track of acquires and it's also part of the duplicate check). --- src/libcharon/sa/ike_sa.c | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/src/libcharon/sa/ike_sa.c b/src/libcharon/sa/ike_sa.c index 6b0e72da32..654508e4b3 100644 --- a/src/libcharon/sa/ike_sa.c +++ b/src/libcharon/sa/ike_sa.c @@ -2067,7 +2067,7 @@ static status_t reestablish_children(private_ike_sa_t *this, ike_sa_t *new, if (action & ACTION_START) { child_init_args_t args = { - .reqid = child_sa->get_reqid(child_sa), + .reqid = child_sa->get_reqid_ref(child_sa), .label = child_sa->get_label(child_sa), }; child_cfg = child_sa->get_config(child_sa); @@ -2076,6 +2076,10 @@ static status_t reestablish_children(private_ike_sa_t *this, ike_sa_t *new, other->task_manager->queue_child(other->task_manager, child_cfg->get_ref(child_cfg), &args); + if (args.reqid) + { + charon->kernel->release_reqid(charon->kernel, args.reqid); + } } } enumerator->destroy(enumerator); -- 2.47.2