ikev1: Fix config switching due to failed authentication during Aggressive mode

The encoded ID payload gets destroyed by the authenticator, which caused a segmentation fault after the switch. Fixes #501.
author: Tobias Brunner <tobias@strongswan.org> 2014-02-07 10:04:22 +0100
committer: Tobias Brunner <tobias@strongswan.org> 2014-02-12 13:53:03 +0100
commit: 9e1ce63915c1c66bc181406b4ef94fc55a9bcdf8 (patch)
tree: 9d7251538f86d42fda7ffb7b27b678e776628dd3 /src
parent: 822b22c96fd1110209d9b680bd905ea29095bd42 (diff)
download: strongswan-9e1ce63915c1c66bc181406b4ef94fc55a9bcdf8.tar.bz2
strongswan-9e1ce63915c1c66bc181406b4ef94fc55a9bcdf8.tar.xz
1 files changed, 1 insertions, 3 deletions
diff --git a/src/libcharon/sa/ikev1/tasks/aggressive_mode.c b/src/libcharon/sa/ikev1/tasks/aggressive_mode.c
index 46cbb879b..d5d7f2c98 100644
--- a/src/libcharon/sa/ikev1/tasks/aggressive_mode.c
+++ b/src/libcharon/sa/ikev1/tasks/aggressive_mode.c
@@ -478,7 +478,7 @@ METHOD(task_t, process_r, status_t,
 			while (TRUE)
 			{
 				if (this->ph1->verify_auth(this->ph1, this->method, message,
-										   this->id_data))
+										   chunk_clone(this->id_data)))
 				{
 					break;
 				}
@@ -487,12 +487,10 @@ METHOD(task_t, process_r, status_t,
 													this->method, TRUE, NULL);
 				if (!this->peer_cfg)
 				{
-					this->id_data = chunk_empty;
 					return send_delete(this);
 				}
 				this->ike_sa->set_peer_cfg(this->ike_sa, this->peer_cfg);
 			}
-			this->id_data = chunk_empty;
 
 			if (!charon->bus->authorize(charon->bus, FALSE))
 			{
author	Tobias Brunner <tobias@strongswan.org>	2014-02-07 10:04:22 +0100
committer	Tobias Brunner <tobias@strongswan.org>	2014-02-12 13:53:03 +0100
commit	9e1ce63915c1c66bc181406b4ef94fc55a9bcdf8 (patch)
tree	9d7251538f86d42fda7ffb7b27b678e776628dd3 /src
parent	822b22c96fd1110209d9b680bd905ea29095bd42 (diff)
download	strongswan-9e1ce63915c1c66bc181406b4ef94fc55a9bcdf8.tar.bz2 strongswan-9e1ce63915c1c66bc181406b4ef94fc55a9bcdf8.tar.xz