From: Martin Willi <martin@revosec.ch>
Date: Tue, 10 Mar 2015 14:08:58 +0000 (+0100)
Subject: ha: Destroy synced IKE_SA if no configuration is found during update
X-Git-Tag: 5.3.0dr1~8
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=438318c6c3b15db75bf5e18294edf9375a1a97f2;p=thirdparty%2Fstrongswan.git

ha: Destroy synced IKE_SA if no configuration is found during update
---

diff --git a/src/libcharon/plugins/ha/ha_dispatcher.c b/src/libcharon/plugins/ha/ha_dispatcher.c
index 983f9d8fc1..88160fe4f5 100644
--- a/src/libcharon/plugins/ha/ha_dispatcher.c
+++ b/src/libcharon/plugins/ha/ha_dispatcher.c
@@ -373,6 +373,9 @@ static void process_ike_update(private_ha_dispatcher_t *this,
 				else
 				{
 					DBG1(DBG_IKE, "HA is missing nodes peer configuration");
+					charon->ike_sa_manager->checkin_and_destroy(
+												charon->ike_sa_manager, ike_sa);
+					ike_sa = NULL;
 				}
 				break;
 			case HA_EXTENSIONS: