From: Tobias Brunner <tobias@strongswan.org>
Date: Thu, 19 May 2016 13:06:27 +0000 (+0200)
Subject: child-create: Handle TEMPORARY_FAILURE notify as failure
X-Git-Tag: 5.5.0dr1~4^2~61
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=b7b414463d7448f7fbac5537694b298baedf9b47;p=thirdparty%2Fstrongswan.git

child-create: Handle TEMPORARY_FAILURE notify as failure

We will later add code to retry creating the CHILD_SA if we are not
rekeying.  Rekeying is already rescheduled as with any other errors.
---

diff --git a/src/libcharon/sa/ikev2/tasks/child_create.c b/src/libcharon/sa/ikev2/tasks/child_create.c
index 3269938859..ea56e161e7 100644
--- a/src/libcharon/sa/ikev2/tasks/child_create.c
+++ b/src/libcharon/sa/ikev2/tasks/child_create.c
@@ -1432,6 +1432,7 @@ METHOD(task_t, process_i, status_t,
 				case FAILED_CP_REQUIRED:
 				case TS_UNACCEPTABLE:
 				case INVALID_SELECTORS:
+				case TEMPORARY_FAILURE:
 				{
 					DBG1(DBG_IKE, "received %N notify, no CHILD_SA built",
 						 notify_type_names, type);
diff --git a/src/libcharon/sa/ikev2/tasks/child_rekey.c b/src/libcharon/sa/ikev2/tasks/child_rekey.c
index 17b812e91a..66bd3b4bed 100644
--- a/src/libcharon/sa/ikev2/tasks/child_rekey.c
+++ b/src/libcharon/sa/ikev2/tasks/child_rekey.c
@@ -346,10 +346,10 @@ METHOD(task_t, process_i, status_t,
 	}
 	if (message->get_payload(message, PLV2_SECURITY_ASSOCIATION) == NULL)
 	{
-		/* establishing new child failed, reuse old. but not when we
-		 * received a delete in the meantime */
-		if (!(this->collision &&
-			  this->collision->get_type(this->collision) == TASK_CHILD_DELETE))
+		/* establishing new child failed, reuse old and try again. but not when
+		 * we received a delete in the meantime */
+		if (!this->collision ||
+			 this->collision->get_type(this->collision) != TASK_CHILD_DELETE)
 		{
 			schedule_delayed_rekey(this);
 		}