libcharon: Enable make_before_break option by default

2025-10-03 00:00:24 -04:00 · 2023-01-04 18:31:00 +01:00 · 2023-01-04 18:31:00 +01:00 · a5e80cf5e4
commit a5e80cf5e4
parent e69e7c86e7
2 changed files with 4 additions and 3 deletions
--- a/conf/options/charon.opt
+++ b/conf/options/charon.opt
@ -291,7 +291,7 @@ charon.max_ikev1_exchanges = 3
 charon.max_packet = 10000
 	Maximum packet size accepted by charon.

-charon.make_before_break = no
+charon.make_before_break = yes
 	Initiate IKEv2 reauthentication with a make-before-break scheme.

 	Initiate IKEv2 reauthentication with a make-before-break instead of a
--- a/src/libcharon/sa/ikev2/task_manager_v2.c
+++ b/src/libcharon/sa/ikev2/task_manager_v2.c
@ -1,7 +1,8 @@
 /*
 * Copyright (C) 2007-2019 Tobias Brunner
 * Copyright (C) 2007-2010 Martin Willi
- *
+ * Copyright (C) 2023 Andreas Steffen, strongSec GmbH
+
 * Copyright (C) secunet Security Networks AG
 *
 * This program is free software; you can redistribute it and/or modify it
@ -2618,7 +2619,7 @@ task_manager_v2_t *task_manager_v2_create(ike_sa_t *ike_sa)
 		.active_tasks = array_create(0, 0),
 		.passive_tasks = array_create(0, 0),
 		.make_before_break = lib->settings->get_bool(lib->settings,
-					"%s.make_before_break", FALSE, lib->ns),
+					"%s.make_before_break", TRUE, lib->ns),
 	);

 	retransmission_parse_default(&this->retransmit);