[Openswan Users] keeping SA made OCF resource leak

[Paul Wouters]

On Wed, 22 Jul 2009, willer.wang at cybertan.com.tw wrote:

> 3. I don't know what's the purpose of OPENSWAN keeps all old outbound SAs all the time. Preventing to rebuild a same SA?

To ensure a seamless transition, the old receiving SA's are kept until
traffic arrives on the new SA. On the outgoing SA, I believe we drop
the old one as soon as we are ready to use the new one for traffic.

Paul