Fix memleak during Quick Mode in case no SPI can be allocated from kernel.

1 files changed, 8 insertions, 8 deletions

diff --git a/src/libcharon/sa/ikev1/tasks/quick_mode.c b/src/libcharon/sa/ikev1/tasks/quick_mode.c
index 7c843e85e..cc3ac6720 100644
--- a/src/libcharon/sa/ikev1/tasks/quick_mode.c
+++ b/src/libcharon/sa/ikev1/tasks/quick_mode.c
@@ -629,7 +629,12 @@ METHOD(task_t, build_i, status_t,
 									this->ike_sa->get_other_host(this->ike_sa),
 									this->config, this->reqid, this->udp);
 
-			list = this->config->get_proposals(this->config, FALSE);
+			this->mode = this->config->get_mode(this->config);
+			if (this->udp && this->mode == MODE_TRANSPORT)
+			{
+				/* TODO-IKEv1: disable NAT-T for TRANSPORT mode by default? */
+				add_nat_oa_payloads(this, message);
+			}
 
 			this->spi_i = this->child_sa->alloc_spi(this->child_sa, PROTO_ESP);
 			if (!this->spi_i)
@@ -637,6 +642,8 @@ METHOD(task_t, build_i, status_t,
 				DBG1(DBG_IKE, "allocating SPI from kernel failed");
 				return FAILED;
 			}
+
+			list = this->config->get_proposals(this->config, FALSE);
 			enumerator = list->create_enumerator(list);
 			while (enumerator->enumerate(enumerator, &proposal))
 			{
@@ -644,13 +651,6 @@ METHOD(task_t, build_i, status_t,
 			}
 			enumerator->destroy(enumerator);
 
-			this->mode = this->config->get_mode(this->config);
-			if (this->udp && this->mode == MODE_TRANSPORT)
-			{
-				/* TODO-IKEv1: disable NAT-T for TRANSPORT mode by default? */
-				add_nat_oa_payloads(this, message);
-			}
-
 			get_lifetimes(this);
 			sa_payload = sa_payload_create_from_proposals_v1(list,
 								this->lifetime, this->lifebytes, AUTH_NONE,