From 3d54ae94d935fa60b3f3228e7a0ad1ba92092e84 Mon Sep 17 00:00:00 2001 From: Martin Willi Date: Wed, 21 Dec 2011 12:05:34 +0100 Subject: Handle initiation of not supported IKE versions properly --- src/libcharon/control/controller.c | 11 +++++++++++ 1 file changed, 11 insertions(+) (limited to 'src/libcharon/control/controller.c') diff --git a/src/libcharon/control/controller.c b/src/libcharon/control/controller.c index 0f247962b..4aded8f9d 100644 --- a/src/libcharon/control/controller.c +++ b/src/libcharon/control/controller.c @@ -217,6 +217,17 @@ METHOD(job_t, initiate_execute, void, ike_sa = charon->ike_sa_manager->checkout_by_config(charon->ike_sa_manager, peer_cfg); + if (!ike_sa) + { + listener->child_cfg->destroy(listener->child_cfg); + peer_cfg->destroy(peer_cfg); + /* trigger down event to release listener */ + listener->ike_sa = charon->ike_sa_manager->checkout_new( + charon->ike_sa_manager, IKE_ANY, TRUE); + DESTROY_IF(listener->ike_sa); + listener->status = FAILED; + return; + } listener->ike_sa = ike_sa; if (ike_sa->get_peer_cfg(ike_sa) == NULL) -- cgit v1.2.3 From 3a925f74ab3cc43bafa409b89feaa32caeb33364 Mon Sep 17 00:00:00 2001 From: Martin Willi Date: Mon, 2 Jan 2012 15:40:31 +0100 Subject: Do not query CHILD_SA during delete if they already expired --- src/libcharon/control/controller.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'src/libcharon/control/controller.c') diff --git a/src/libcharon/control/controller.c b/src/libcharon/control/controller.c index 4aded8f9d..11f40388f 100644 --- a/src/libcharon/control/controller.c +++ b/src/libcharon/control/controller.c @@ -368,7 +368,7 @@ METHOD(job_t, terminate_child_execute, void, charon->bus->set_sa(charon->bus, ike_sa); if (ike_sa->delete_child_sa(ike_sa, child_sa->get_protocol(child_sa), - child_sa->get_spi(child_sa, TRUE)) != DESTROY_ME) + child_sa->get_spi(child_sa, TRUE), FALSE) != DESTROY_ME) { charon->ike_sa_manager->checkin(charon->ike_sa_manager, ike_sa); listener->status = SUCCESS; -- cgit v1.2.3