ikev1: Fix config switching due to failed authentication during Aggressive mode
authorTobias Brunner <tobias@strongswan.org>
Fri, 7 Feb 2014 09:04:22 +0000 (10:04 +0100)
committerTobias Brunner <tobias@strongswan.org>
Wed, 12 Feb 2014 12:53:03 +0000 (13:53 +0100)
The encoded ID payload gets destroyed by the authenticator, which caused
a segmentation fault after the switch.

Fixes #501.

src/libcharon/sa/ikev1/tasks/aggressive_mode.c

index 46cbb87..d5d7f2c 100644 (file)
@@ -478,7 +478,7 @@ METHOD(task_t, process_r, status_t,
                        while (TRUE)
                        {
                                if (this->ph1->verify_auth(this->ph1, this->method, message,
-                                                                                  this->id_data))
+                                                                                  chunk_clone(this->id_data)))
                                {
                                        break;
                                }
@@ -487,12 +487,10 @@ METHOD(task_t, process_r, status_t,
                                                                                                        this->method, TRUE, NULL);
                                if (!this->peer_cfg)
                                {
-                                       this->id_data = chunk_empty;
                                        return send_delete(this);
                                }
                                this->ike_sa->set_peer_cfg(this->ike_sa, this->peer_cfg);
                        }
-                       this->id_data = chunk_empty;
 
                        if (!charon->bus->authorize(charon->bus, FALSE))
                        {