Destroy IKE_SA after failed XAuth authentication.
authorTobias Brunner <tobias@strongswan.org>
Mon, 12 Dec 2011 17:38:32 +0000 (18:38 +0100)
committerTobias Brunner <tobias@strongswan.org>
Tue, 20 Mar 2012 16:31:17 +0000 (17:31 +0100)
src/libcharon/sa/tasks/xauth.c

index de93935..4fd896e 100644 (file)
@@ -277,9 +277,12 @@ METHOD(task_t, process_i_status, status_t,
                DBG1(DBG_IKE, "received invalid XAUTH status response");
                return FAILED;
        }
-
+       if (this->status != XAUTH_OK)
+       {
+               DBG1(DBG_IKE, "destroying IKE_SA after failed XAuth authentication");
+               return FAILED;
+       }
        establish(this);
-
        return SUCCESS;
 }