[strongSwan] Packets dropped during CHILD SA rekeying

[Martin Willi]

Emeric,

> It seems to be related to: https://wiki.strongswan.org/issues/839#note-1

It is, and as discussed in that ticket, is a consequence of the
pair-wise (un-)installation of SAs.

To properly fix this issue, we would have to defer outbound SA
installation/activation as exchange responder to the DELETE message
processing. This requires some non-trivial changes to the CHILD_SA API,
though, and complicates collision handling etc.

Regards
Martin