Consider notify errors fatal only during main mode
authorMartin Willi <martin@revosec.ch>
Thu, 15 Dec 2011 17:11:00 +0000 (18:11 +0100)
committerMartin Willi <martin@revosec.ch>
Tue, 20 Mar 2012 16:31:24 +0000 (17:31 +0100)
src/libcharon/sa/tasks/informational.c

index 60e1cfc..5b2ceca 100644 (file)
@@ -84,7 +84,10 @@ METHOD(task_t, process_r, status_t,
                                {
                                        DBG1(DBG_IKE, "received %N error notify",
                                                 notify_type_names, notify->get_notify_type(notify));
-                                       status = FAILED;
+                                       if (this->ike_sa->get_state(this->ike_sa) == IKE_CONNECTING)
+                                       {       /* only critical during main mode */
+                                               status = FAILED;
+                                       }
                                        break;
                                }
                                else