From: Tobias Brunner <tobias@strongswan.org>
Date: Thu, 19 May 2016 15:23:32 +0000 (+0200)
Subject: child-rekey: Use more appropriate error notifies if CHILD_SA is not found or getting... 
X-Git-Tag: 5.5.0dr1~4^2~59
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=5bbb9d703c861b3c080d7c625421e4cedd5df8b6;p=thirdparty%2Fstrongswan.git

child-rekey: Use more appropriate error notifies if CHILD_SA is not found or getting deleted

These are the notifies we should return according to RFC 7296.
---

diff --git a/src/libcharon/sa/ikev2/tasks/child_rekey.c b/src/libcharon/sa/ikev2/tasks/child_rekey.c
index bd94ce6988..b32d2d7254 100644
--- a/src/libcharon/sa/ikev2/tasks/child_rekey.c
+++ b/src/libcharon/sa/ikev2/tasks/child_rekey.c
@@ -219,11 +219,16 @@ METHOD(task_t, build_r, status_t,
 	child_cfg_t *config;
 	uint32_t reqid;
 
-	if (this->child_sa == NULL ||
-		this->child_sa->get_state(this->child_sa) == CHILD_DELETING)
+	if (!this->child_sa)
 	{
 		DBG1(DBG_IKE, "unable to rekey, CHILD_SA not found");
-		message->add_notify(message, TRUE, NO_PROPOSAL_CHOSEN, chunk_empty);
+		message->add_notify(message, TRUE, CHILD_SA_NOT_FOUND, chunk_empty);
+		return SUCCESS;
+	}
+	if (this->child_sa->get_state(this->child_sa) == CHILD_DELETING)
+	{
+		DBG1(DBG_IKE, "unable to rekey, we are deleting the CHILD_SA");
+		message->add_notify(message, TRUE, TEMPORARY_FAILURE, chunk_empty);
 		return SUCCESS;
 	}