Fix memleak during Quick Mode in case no SPI can be allocated from kernel.
authorTobias Brunner <tobias@strongswan.org>
Wed, 23 May 2012 16:09:21 +0000 (18:09 +0200)
committerTobias Brunner <tobias@strongswan.org>
Thu, 24 May 2012 13:32:27 +0000 (15:32 +0200)
src/libcharon/sa/ikev1/tasks/quick_mode.c

index 7c843e8..cc3ac67 100644 (file)
@@ -629,7 +629,12 @@ METHOD(task_t, build_i, status_t,
                                                                        this->ike_sa->get_other_host(this->ike_sa),
                                                                        this->config, this->reqid, this->udp);
 
                                                                        this->ike_sa->get_other_host(this->ike_sa),
                                                                        this->config, this->reqid, this->udp);
 
-                       list = this->config->get_proposals(this->config, FALSE);
+                       this->mode = this->config->get_mode(this->config);
+                       if (this->udp && this->mode == MODE_TRANSPORT)
+                       {
+                               /* TODO-IKEv1: disable NAT-T for TRANSPORT mode by default? */
+                               add_nat_oa_payloads(this, message);
+                       }
 
                        this->spi_i = this->child_sa->alloc_spi(this->child_sa, PROTO_ESP);
                        if (!this->spi_i)
 
                        this->spi_i = this->child_sa->alloc_spi(this->child_sa, PROTO_ESP);
                        if (!this->spi_i)
@@ -637,6 +642,8 @@ METHOD(task_t, build_i, status_t,
                                DBG1(DBG_IKE, "allocating SPI from kernel failed");
                                return FAILED;
                        }
                                DBG1(DBG_IKE, "allocating SPI from kernel failed");
                                return FAILED;
                        }
+
+                       list = this->config->get_proposals(this->config, FALSE);
                        enumerator = list->create_enumerator(list);
                        while (enumerator->enumerate(enumerator, &proposal))
                        {
                        enumerator = list->create_enumerator(list);
                        while (enumerator->enumerate(enumerator, &proposal))
                        {
@@ -644,13 +651,6 @@ METHOD(task_t, build_i, status_t,
                        }
                        enumerator->destroy(enumerator);
 
                        }
                        enumerator->destroy(enumerator);
 
-                       this->mode = this->config->get_mode(this->config);
-                       if (this->udp && this->mode == MODE_TRANSPORT)
-                       {
-                               /* TODO-IKEv1: disable NAT-T for TRANSPORT mode by default? */
-                               add_nat_oa_payloads(this, message);
-                       }
-
                        get_lifetimes(this);
                        sa_payload = sa_payload_create_from_proposals_v1(list,
                                                                this->lifetime, this->lifebytes, AUTH_NONE,
                        get_lifetimes(this);
                        sa_payload = sa_payload_create_from_proposals_v1(list,
                                                                this->lifetime, this->lifebytes, AUTH_NONE,