charon-tkm: Reset ESA on child SA create failure

Since we are also releasing the ESA ID we have to make sure that the ESA
context is reset and in a clean state in order for it to be actually
reusable.

diff --git a/src/charon-tkm/src/tkm/tkm_kernel_ipsec.c b/src/charon-tkm/src/tkm/tkm_kernel_ipsec.c
index 87b516d4396e626b3b0a329991ec604a6ea8bfe1..48dd40aa51f0fb77dc95413bcf45a3c4b1460f7d 100644 (file)
--- a/src/charon-tkm/src/tkm/tkm_kernel_ipsec.c
+++ b/src/charon-tkm/src/tkm/tkm_kernel_ipsec.c
@@ -199,6 +199,7 @@ METHOD(kernel_ipsec_t, add_sa, status_t,
        return SUCCESS;
 
 failure:
+       ike_esa_reset(esa_id);
        tkm->sad->remove(tkm->sad, esa_id);
 sad_failure:
        tkm->idmgr->release_id(tkm->idmgr, TKM_CTX_ESA, esa_id);