vici: Don't fall back to uninstalling traps if a matching shunt was found

This is different if `ike` and `child` are provided and uninstall() fails as we call that without knowing whether a matching shunt exists. But if `ike` is not provided we explicitly search for a matching shunt and if found don't need to look for a trap policy.
author: Tobias Brunner <tobias@strongswan.org> 2017-03-22 17:19:31 +0100
committer: Tobias Brunner <tobias@strongswan.org> 2017-03-23 18:29:18 +0100
commit: 550bd654a72929f3423dd5e3a05249050e2a6b7a (patch)
tree: 76d3b29972e0ef431521f3a2bbacfa3d66833376 /src
parent: 5e8e71d4050cd3a6e123252d87920196be33ab70 (diff)
download: strongswan-550bd654a72929f3423dd5e3a05249050e2a6b7a.tar.bz2
strongswan-550bd654a72929f3423dd5e3a05249050e2a6b7a.tar.xz
1 files changed, 7 insertions, 3 deletions
diff --git a/src/libcharon/plugins/vici/vici_control.c b/src/libcharon/plugins/vici/vici_control.c
index 83e09d5b7..afee649f7 100644
--- a/src/libcharon/plugins/vici/vici_control.c
+++ b/src/libcharon/plugins/vici/vici_control.c
@@ -707,12 +707,16 @@ CALLBACK(uninstall, vici_message_t*,
 			}
 		}
 		enumerator->destroy(enumerator);
-		if (ike && charon->shunts->uninstall(charon->shunts, ike, child))
+		if (ike)
 		{
+			if (charon->shunts->uninstall(charon->shunts, ike, child))
+			{
+				free(ike);
+				return send_reply(this, NULL);
+			}
 			free(ike);
-			return send_reply(this, NULL);
+			return send_reply(this, "uninstalling policy '%s' failed", child);
 		}
-		free(ike);
 	}
 	else if (charon->shunts->uninstall(charon->shunts, ike, child))
 	{
author	Tobias Brunner <tobias@strongswan.org>	2017-03-22 17:19:31 +0100
committer	Tobias Brunner <tobias@strongswan.org>	2017-03-23 18:29:18 +0100
commit	550bd654a72929f3423dd5e3a05249050e2a6b7a (patch)
tree	76d3b29972e0ef431521f3a2bbacfa3d66833376 /src
parent	5e8e71d4050cd3a6e123252d87920196be33ab70 (diff)
download	strongswan-550bd654a72929f3423dd5e3a05249050e2a6b7a.tar.bz2 strongswan-550bd654a72929f3423dd5e3a05249050e2a6b7a.tar.xz