From: Tobias Brunner <tobias@strongswan.org>
Date: Thu, 9 Jul 2015 12:34:19 +0000 (+0200)
Subject: trap-manager: Properly check-in IKE_SA if initiating fails
X-Git-Tag: 5.3.3dr2~9^2~6
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=773fcb1605d413997450b59d114a1c035910cc58;p=thirdparty%2Fstrongswan.git

trap-manager: Properly check-in IKE_SA if initiating fails

This basically reverts f4e822c1b422 ("trap-manager: don't check-in
nonexisting IKE_SA if acquire fails").  As checkout_by_config() could
return an already existing and established IKE_SA we have to properly
destroy it, for instance, in case other threads are waiting to check
it out.  checkin_and_destroy() should handle the case of a new SA
properly (it produces a log message on level 1, though).
---

diff --git a/src/libcharon/sa/trap_manager.c b/src/libcharon/sa/trap_manager.c
index d6ff3c8c5d..3a70bd1359 100644
--- a/src/libcharon/sa/trap_manager.c
+++ b/src/libcharon/sa/trap_manager.c
@@ -377,8 +377,8 @@ METHOD(trap_manager_t, acquire, void,
 		}
 		else
 		{
-			ike_sa->destroy(ike_sa);
-			charon->bus->set_sa(charon->bus, NULL);
+			charon->ike_sa_manager->checkin_and_destroy(charon->ike_sa_manager,
+														ike_sa);
 		}
 	}
 	peer->destroy(peer);