properly delete IKE_SA if IKE_SA_INIT processing failed
authorMartin Willi <martin@strongswan.org>
Thu, 7 May 2009 13:53:45 +0000 (15:53 +0200)
committerMartin Willi <martin@strongswan.org>
Thu, 7 May 2009 13:53:45 +0000 (15:53 +0200)
src/charon/sa/ike_sa.c

index b8e8213..126011e 100644 (file)
@@ -1424,6 +1424,11 @@ static status_t process_message(private_ike_sa_t *this, message_t *message)
                         exchange_type_names, message->get_exchange_type(message),
                         message->get_request(message) ? "request" : "response",
                         message->get_message_id(message));
+               
+               if (this->state == IKE_CREATED)
+               {       /* invalid initiation attempt, close SA */
+                       return DESTROY_ME;
+               }
                return status;
        }
        else