sharpetronics/strongswan
1
0
Fork 0
mirror of https://github.com/strongswan/strongswan.git synced 2025-10-07 00:01:49 -04:00
Code Issues Projects Releases Wiki Activity

child-rekey: Don't destroy IKE_SA if initiating CHILD_SA rekeying failed

Browse Source 
This could happen if the peer e.g. selects an invalid DH group or
responds multiple time with an INVALID_KE_PAYLAOD notify.
This commit is contained in:
Tobias Brunner 2018-02-19 15:09:34 +01:00
parent 4f1bf89ed9
commit 574f74d232
1 changed files with 2 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
src/libcharon/sa/ikev2/tasks/child_rekey.c
View File

@ -213,7 +213,8 @@ METHOD(task_t, build_i, status_t,
message) != NEED_MORE)
{
schedule_delayed_rekey(this);
return FAILED;
message->set_exchange_type(message, EXCHANGE_TYPE_UNDEFINED);
return SUCCESS;
}
if (message->get_exchange_type(message) == CREATE_CHILD_SA)
{