webadmin/bpfire
1
0
Fork 0
mirror of https://github.com/vincentmli/bpfire.git synced 2026-05-11 09:48:24 +02:00
Code Issues Packages Projects Releases Wiki Activity

strongswan: Update to 5.5.0

Browse Source 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
This commit is contained in:
Michael Tremer
2016-09-22 14:47:47 +01:00
parent f5275b5930
commit 8029c2a899
3 changed files with 30 additions and 71 deletions
Download Patch File Download Diff File Expand all files Collapse all files

56
src/patches/strongswan-child-rekey-Suppress-updown-event-when-deleting-redundant-CHILD_SAs.patch
View File

@@ -1,56 +0,0 @@
From 0e32cbc0bc8fce3319491db360fb23b16561ec58 Mon Sep 17 00:00:00 2001
From: Tobias Brunner <tobias@strongswan.org>
Date: Tue, 15 Dec 2015 17:15:32 +0100
Subject: [PATCH] child-rekey: Suppress updown event when deleting redundant
CHILD_SAs
When handling a rekey collision we might have to delete an already
installed redundant CHILD_SA (or expect the other peer to do so). We don't
want to trigger updown events for these as we don't during rekeying.
Instead of setting the state to CHILD_REKEYING we could maybe use
CHILD_REKEYED, which we currently only use for IKEv1, and set it for
all CHILD_SAs we delete or expect the other peer to delete. Would need
a small change in child-delete too. Or we could introduce a new state.
#853.
---
src/libcharon/sa/ikev2/tasks/child_rekey.c | 11 ++++++++++-
1 file changed, 10 insertions(+), 1 deletion(-)
diff --git a/src/libcharon/sa/ikev2/tasks/child_rekey.c b/src/libcharon/sa/ikev2/tasks/child_rekey.c
index c7a8a13..6f0c2b2 100644
--- a/src/libcharon/sa/ikev2/tasks/child_rekey.c
+++ b/src/libcharon/sa/ikev2/tasks/child_rekey.c
@@ -279,11 +279,15 @@ static child_sa_t *handle_collision(private_child_rekey_t *this)
/* don't touch child other created, it has already been deleted */
if (!this->other_child_destroyed)
{
- /* disable close action for the redundand child */
+ /* disable close action and updown event for redundant child */
child_sa = other->child_create->get_child(other->child_create);
if (child_sa)
{
child_sa->set_close_action(child_sa, ACTION_NONE);
+ if (child_sa->get_state(child_sa) != CHILD_REKEYING)
+ {
+ child_sa->set_state(child_sa, CHILD_REKEYING);
+ }
}
}
}
@@ -372,6 +376,11 @@ METHOD(task_t, process_i, status_t,
{
return SUCCESS;
}
+ /* disable updown event for redundant CHILD_SA */
+ if (to_delete->get_state(to_delete) != CHILD_REKEYING)
+ {
+ to_delete->set_state(to_delete, CHILD_REKEYING);
+ }
spi = to_delete->get_spi(to_delete, TRUE);
protocol = to_delete->get_protocol(to_delete);
--
1.7.9.5