ikev1: Fix handling of UNITY_LOAD_BALANCE
authorTobias Brunner <tobias@strongswan.org>
Thu, 2 Oct 2014 10:40:00 +0000 (12:40 +0200)
committerTobias Brunner <tobias@strongswan.org>
Tue, 7 Oct 2014 11:46:18 +0000 (13:46 +0200)
The re-authentication is now handled within the original IKE_SA if it has not
yet been established, so we don't want to destroy it.

src/libcharon/sa/ikev1/tasks/informational.c

index b742dbe..2798978 100644 (file)
@@ -112,16 +112,16 @@ METHOD(task_t, process_r, status_t,
                                                                                                          IKEV2_UDP_PORT);
                                        if (redirect)
                                        {       /* treat the redirect as reauthentication */
-                                               DBG1(DBG_IKE, "received %N notify. redirected to %H",
+                                               DBG1(DBG_IKE, "received %N notify, redirected to %H",
                                                         notify_type_names, type, redirect);
                                                /* Cisco boxes reject the first message from 4500 */
                                                me = this->ike_sa->get_my_host(this->ike_sa);
                                                me->set_port(me, charon->socket->get_port(
                                                                                                                charon->socket, FALSE));
                                                this->ike_sa->set_other_host(this->ike_sa, redirect);
-                                               this->ike_sa->reauth(this->ike_sa);
+                                               status = this->ike_sa->reauth(this->ike_sa);
                                                enumerator->destroy(enumerator);
-                                               return DESTROY_ME;
+                                               return status;
                                        }
                                        else
                                        {