trap-manager: Properly check-in IKE_SA if initiating fails
authorTobias Brunner <tobias@strongswan.org>
Thu, 9 Jul 2015 12:34:19 +0000 (14:34 +0200)
committerTobias Brunner <tobias@strongswan.org>
Mon, 27 Jul 2015 11:49:26 +0000 (13:49 +0200)
This basically reverts f4e822c1b422 ("trap-manager: don't check-in
nonexisting IKE_SA if acquire fails").  As checkout_by_config() could
return an already existing and established IKE_SA we have to properly
destroy it, for instance, in case other threads are waiting to check
it out.  checkin_and_destroy() should handle the case of a new SA
properly (it produces a log message on level 1, though).

src/libcharon/sa/trap_manager.c

index d6ff3c8..3a70bd1 100644 (file)
@@ -377,8 +377,8 @@ METHOD(trap_manager_t, acquire, void,
                }
                else
                {
-                       ike_sa->destroy(ike_sa);
-                       charon->bus->set_sa(charon->bus, NULL);
+                       charon->ike_sa_manager->checkin_and_destroy(charon->ike_sa_manager,
+                                                                                                               ike_sa);
                }
        }
        peer->destroy(peer);