Send FAILED_CP_REQUIRED if a configuration payload was expected, but not received
authorMartin Willi <martin@revosec.ch>
Tue, 11 Sep 2012 10:20:37 +0000 (12:20 +0200)
committerMartin Willi <martin@revosec.ch>
Tue, 11 Sep 2012 14:18:28 +0000 (16:18 +0200)
src/libcharon/sa/ikev2/tasks/ike_config.c

index d624fd1..c44f045 100644 (file)
@@ -386,6 +386,15 @@ METHOD(task_t, build_r, status_t,
                        pools->destroy(pools);
                        return SUCCESS;
                }
+               if (pools->get_count(pools) && !this->vips->get_count(this->vips))
+               {
+                       DBG1(DBG_IKE, "expected a virtual IP request, sending %N",
+                                notify_type_names, FAILED_CP_REQUIRED);
+                       message->add_notify(message, FALSE, FAILED_CP_REQUIRED, chunk_empty);
+                       vips->destroy_offset(vips, offsetof(host_t, destroy));
+                       pools->destroy(pools);
+                       return SUCCESS;
+               }
 
                /* query registered providers for additional attributes to include */
                enumerator = hydra->attributes->create_responder_enumerator(