git.ipfire.org Git - thirdparty/strongswan.git/commit

author	Shmulik Ladkani <shmulik@nsof.io>
	Tue, 19 Feb 2019 11:31:11 +0000 (13:31 +0200)
committer	Tobias Brunner <tobias@strongswan.org>
	Tue, 19 Feb 2019 16:00:11 +0000 (17:00 +0100)
commit	71b22c250fb98550285e614ea6e2728194579837
tree	9c035fc654fa5ff2625968cb4d4564671c876ef9	tree \| snapshot
parent	0f193be23dab43e86789f523a5b023b70a79db20	commit \| diff

vici: Fix wrong argument order for terminate_ike() in clear_start_action()

In 7b7290977 ("controller: Add option to force destruction of an IKE_SA")
the 'force' option was added as 3rd parameter to controller_t::terminate_ike.

However in vici's 'clear_start_action', the argument was incorrectly
placed as the 2nd parameter - constantly sending 0 (FALSE) as the
'unique_id' to terminate, rendering calls to 'handle_start_actions'
having undo=TRUE being unable to terminate the relevant conn.

For example, this is log of such a bogus 'unload-conn':

  strongswan[498]: 13[CFG] vici client 96 requests: unload-conn
  strongswan[498]: 13[CFG] closing IKE_SA #9
  strongswan[498]: 13[IKE] unable to terminate IKE_SA: ID 0 not found
  strongswan[498]: 09[CFG] vici client 96 disconnected

here, the unloaded conn's IKE id was 9, alas 'terminate_ike_execute'
reports failure to terminate "ID 0".

Fix by passing 'id, FALSE' arguments in the correct order.

Fixes: 7b7290977 ("controller: Add option to force destruction of an IKE_SA")
Signed-off-by: Shmulik Ladkani <shmulik@metanetworks.com>
Closes strongswan/strongswan#127.