sharpetronics/strongswan
1
0
Fork 0
mirror of https://github.com/strongswan/strongswan.git synced 2025-10-07 00:01:49 -04:00
Code Issues Projects Releases Wiki Activity

child-sa: Remove policies before states to avoid acquire events for untrapped policies

Browse Source
This commit is contained in:
Tobias Brunner 2015-03-17 09:58:00 +01:00
parent c5f4e7c69e
commit 46188b0eb0
1 changed files with 16 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

32
src/libcharon/sa/child_sa.c
View File

@ -1114,22 +1114,6 @@ METHOD(child_sa_t, destroy, void,
set_state(this, CHILD_DESTROYING);
/* delete SAs in the kernel, if they are set up */
if (this->my_spi)
{
hydra->kernel_interface->del_sa(hydra->kernel_interface,
this->other_addr, this->my_addr, this->my_spi,
proto_ike2ip(this->protocol), this->my_cpi,
this->mark_in);
}
if (this->other_spi)
{
hydra->kernel_interface->del_sa(hydra->kernel_interface,
this->my_addr, this->other_addr, this->other_spi,
proto_ike2ip(this->protocol), this->other_cpi,
this->mark_out);
}
if (this->config->install_policy(this->config))
{
/* delete all policies in the kernel */
@ -1146,6 +1130,22 @@ METHOD(child_sa_t, destroy, void,
enumerator->destroy(enumerator);
}
/* delete SAs in the kernel, if they are set up */
if (this->my_spi)
{
hydra->kernel_interface->del_sa(hydra->kernel_interface,
this->other_addr, this->my_addr, this->my_spi,
proto_ike2ip(this->protocol), this->my_cpi,
this->mark_in);
}
if (this->other_spi)
{
hydra->kernel_interface->del_sa(hydra->kernel_interface,
this->my_addr, this->other_addr, this->other_spi,
proto_ike2ip(this->protocol), this->other_cpi,
this->mark_out);
}
if (this->reqid_allocated)
{
if (hydra->kernel_interface->release_reqid(hydra->kernel_interface,