ikev1: Signal IKE_SA connection failure via bus

This is mainly for HA where a passive SA was already created when the
IKE keys were derived.  If e.g. an authentication error occurs later that
SA wouldn't get cleaned up.

diff --git a/src/libcharon/sa/ikev1/task_manager_v1.c b/src/libcharon/sa/ikev1/task_manager_v1.c
index 3472d2c3517dc6318a8e38345f7598e105232ecf..3f1a97bc425f8edc96ac6e73308960a342777147 100644 (file)
--- a/src/libcharon/sa/ikev1/task_manager_v1.c
+++ b/src/libcharon/sa/ikev1/task_manager_v1.c
@@ -721,6 +721,7 @@ METHOD(task_manager_t, initiate, status_t,
                {
                        case IKE_CONNECTING:
                                /* close after sending an INFORMATIONAL when unestablished */
+                               charon->bus->ike_updown(charon->bus, this->ike_sa, FALSE);
                                return FAILED;
                        case IKE_DELETING:
                                /* close after sending a DELETE */