Accept rekey Child request with negotiated IKE DH group
First Child SA, and all additional additional Child SAs that do not
have user specified DH groups are set up with crypto keys that are
implicitly generated by the negotiated IKE DH group. For those
Child SAs, incoming rekey requests that match the negotiated IKE DH
group should also be acceptable. This will improve interoperability
of the IKE client.
Bug: 186650467
Test: FrameworksIkeTests (new tests added)
Change-Id: I98a76944b4444568f67bd21a356da78800d3f53a
2 files changed