From: Tobias Brunner <tobias@strongswan.org>
Date: Thu, 2 Oct 2014 10:40:00 +0000 (+0200)
Subject: ikev1: Fix handling of UNITY_LOAD_BALANCE
X-Git-Tag: 5.2.1rc1~18
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=d52b8738b540fb9c0a1c8266f7a96c1d7c55fede;p=thirdparty%2Fstrongswan.git

ikev1: Fix handling of UNITY_LOAD_BALANCE

The re-authentication is now handled within the original IKE_SA if it has not
yet been established, so we don't want to destroy it.
---

diff --git a/src/libcharon/sa/ikev1/tasks/informational.c b/src/libcharon/sa/ikev1/tasks/informational.c
index b742dbef9c..2798978b25 100644
--- a/src/libcharon/sa/ikev1/tasks/informational.c
+++ b/src/libcharon/sa/ikev1/tasks/informational.c
@@ -112,16 +112,16 @@ METHOD(task_t, process_r, status_t,
 													  IKEV2_UDP_PORT);
 					if (redirect)
 					{	/* treat the redirect as reauthentication */
-						DBG1(DBG_IKE, "received %N notify. redirected to %H",
+						DBG1(DBG_IKE, "received %N notify, redirected to %H",
 							 notify_type_names, type, redirect);
 						/* Cisco boxes reject the first message from 4500 */
 						me = this->ike_sa->get_my_host(this->ike_sa);
 						me->set_port(me, charon->socket->get_port(
 														charon->socket, FALSE));
 						this->ike_sa->set_other_host(this->ike_sa, redirect);
-						this->ike_sa->reauth(this->ike_sa);
+						status = this->ike_sa->reauth(this->ike_sa);
 						enumerator->destroy(enumerator);
-						return DESTROY_ME;
+						return status;
 					}
 					else
 					{