vici: Don't fall back to uninstalling traps if a matching shunt was found

This is different if `ike` and `child` are provided and uninstall()
fails as we call that without knowing whether a matching shunt exists.
But if `ike` is not provided we explicitly search for a matching shunt
and if found don't need to look for a trap policy.

diff --git a/src/libcharon/plugins/vici/vici_control.c b/src/libcharon/plugins/vici/vici_control.c
index 83e09d5..afee649 100644 (file)
--- a/src/libcharon/plugins/vici/vici_control.c
+++ b/src/libcharon/plugins/vici/vici_control.c
@@ -707,12 +707,16 @@ CALLBACK(uninstall, vici_message_t*,
                        }
                }
                enumerator->destroy(enumerator);
-               if (ike && charon->shunts->uninstall(charon->shunts, ike, child))
+               if (ike)
                {
+                       if (charon->shunts->uninstall(charon->shunts, ike, child))
+                       {
+                               free(ike);
+                               return send_reply(this, NULL);
+                       }
                        free(ike);
-                       return send_reply(this, NULL);
+                       return send_reply(this, "uninstalling policy '%s' failed", child);
                }
-               free(ike);
        }
        else if (charon->shunts->uninstall(charon->shunts, ike, child))
        {