ha: Destroy synced IKE_SA if no configuration is found during update

diff --git a/src/libcharon/plugins/ha/ha_dispatcher.c b/src/libcharon/plugins/ha/ha_dispatcher.c
index 983f9d8fc188c2f12981599cf801bf6cc4677571..88160fe4f5eb391a4872015bbccc4edfb16483f6 100644 (file)
--- a/src/libcharon/plugins/ha/ha_dispatcher.c
+++ b/src/libcharon/plugins/ha/ha_dispatcher.c
@@ -373,6 +373,9 @@ static void process_ike_update(private_ha_dispatcher_t *this,
                                else
                                {
                                        DBG1(DBG_IKE, "HA is missing nodes peer configuration");
+                                       charon->ike_sa_manager->checkin_and_destroy(
+                                                                                               charon->ike_sa_manager, ike_sa);
+                                       ike_sa = NULL;
                                }
                                break;
                        case HA_EXTENSIONS: