ha: Destroy synced IKE_SA if no configuration is found during update

author Martin Willi <martin@revosec.ch>

Tue, 10 Mar 2015 14:08:58 +0000 (15:08 +0100)

committer Martin Willi <martin@revosec.ch>

Tue, 10 Mar 2015 14:08:58 +0000 (15:08 +0100)
author Martin Willi <martin@revosec.ch>
Tue, 10 Mar 2015 14:08:58 +0000 (15:08 +0100)
committer Martin Willi <martin@revosec.ch>
Tue, 10 Mar 2015 14:08:58 +0000 (15:08 +0100)
diff --git a/src/libcharon/plugins/ha/ha_dispatcher.c b/src/libcharon/plugins/ha/ha_dispatcher.c

index 983f9d8..88160fe 100644 (file)
--- a/src/libcharon/plugins/ha/ha_dispatcher.c
+++ b/src/libcharon/plugins/ha/ha_dispatcher.c
@@ -373,6 +373,9 @@ static void process_ike_update(private_ha_dispatcher_t *this,
                                 else
                                 {
                                         DBG1(DBG_IKE, "HA is missing nodes peer configuration");
+                                       charon->ike_sa_manager->checkin_and_destroy(
+                                                                                               charon->ike_sa_manager, ike_sa);
+                                       ike_sa = NULL;
                                 }
                                 break;
                         case HA_EXTENSIONS:
author	Martin Willi <martin@revosec.ch>
	Tue, 10 Mar 2015 14:08:58 +0000 (15:08 +0100)
committer	Martin Willi <martin@revosec.ch>
	Tue, 10 Mar 2015 14:08:58 +0000 (15:08 +0100)