Extended nonce payload for IKEv1 support
[strongswan.git] / src / libcharon / sa / tasks / child_create.c
index 02831b0..587e37a 100644 (file)
@@ -213,13 +213,13 @@ static bool ts_list_is_host(linked_list_t *list, host_t *host)
 {
        traffic_selector_t *ts;
        bool is_host = TRUE;
-       iterator_t *iterator = list->create_iterator(list, TRUE);
+       enumerator_t *enumerator = list->create_enumerator(list);
 
-       while (is_host && iterator->iterate(iterator, (void**)&ts))
+       while (is_host && enumerator->enumerate(enumerator, (void**)&ts))
        {
                is_host = is_host && ts->is_host(ts, host);
        }
-       iterator->destroy(iterator);
+       enumerator->destroy(enumerator);
        return is_host;
 }
 
@@ -526,18 +526,20 @@ static void build_payloads(private_child_create_t *this, message_t *message)
        /* add SA payload */
        if (this->initiator)
        {
-               sa_payload = sa_payload_create_from_proposal_list(this->proposals);
+               sa_payload = sa_payload_create_from_proposal_list(SECURITY_ASSOCIATION,
+                                                                                                                 this->proposals);
        }
        else
        {
-               sa_payload = sa_payload_create_from_proposal(this->proposal);
+               sa_payload = sa_payload_create_from_proposal(SECURITY_ASSOCIATION,
+                                                                                                        this->proposal);
        }
        message->add_payload(message, (payload_t*)sa_payload);
 
        /* add nonce payload if not in IKE_AUTH */
        if (message->get_exchange_type(message) == CREATE_CHILD_SA)
        {
-               nonce_payload = nonce_payload_create();
+               nonce_payload = nonce_payload_create(NONCE);
                nonce_payload->set_nonce(nonce_payload, this->my_nonce);
                message->add_payload(message, (payload_t*)nonce_payload);
        }
@@ -886,6 +888,10 @@ static void handle_child_sa_failure(private_child_create_t *this,
                        delete_ike_sa_job_create(this->ike_sa->get_id(this->ike_sa), TRUE),
                        100);
        }
+       else
+       {
+               DBG1(DBG_IKE, "failed to establish CHILD_SA, keeping IKE_SA");
+       }
 }
 
 METHOD(task_t, build_r, status_t,
@@ -967,7 +973,7 @@ METHOD(task_t, build_r, status_t,
                                case INTERNAL_ADDRESS_FAILURE:
                                case FAILED_CP_REQUIRED:
                                {
-                                       DBG1(DBG_IKE,"configuration payload negotation "
+                                       DBG1(DBG_IKE,"configuration payload negotiation "
                                                 "failed, no CHILD_SA built");
                                        enumerator->destroy(enumerator);
                                        handle_child_sa_failure(this, message);