From: Tobias Brunner <tobias@strongswan.org>
Date: Thu, 20 May 2021 15:55:54 +0000 (+0200)
Subject: child-create: Just abort CREATE_CHILD_SA request if nonce creation fails
X-Git-Tag: 5.9.6rc1~3^2~42
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=511033b3da75b2b35a23d6c3ecb3bfaffd691f91;p=thirdparty%2Fstrongswan.git

child-create: Just abort CREATE_CHILD_SA request if nonce creation fails

No need to send an illegal request with just an error notify.
---

diff --git a/src/libcharon/sa/ikev2/tasks/child_create.c b/src/libcharon/sa/ikev2/tasks/child_create.c
index 5a6c1b4319..399aa1f81c 100644
--- a/src/libcharon/sa/ikev2/tasks/child_create.c
+++ b/src/libcharon/sa/ikev2/tasks/child_create.c
@@ -1094,8 +1094,7 @@ METHOD(task_t, build_i, status_t,
 		case CREATE_CHILD_SA:
 			if (!generate_nonce(this))
 			{
-				message->add_notify(message, FALSE, NO_PROPOSAL_CHOSEN,
-									chunk_empty);
+				message->set_exchange_type(message, EXCHANGE_TYPE_UNDEFINED);
 				return SUCCESS;
 			}
 			if (!this->retry && this->dh_group == MODP_NONE)