Destroy IKE_SA after failed XAuth authentication.

author Tobias Brunner <tobias@strongswan.org>

Mon, 12 Dec 2011 17:38:32 +0000 (18:38 +0100)

committer Tobias Brunner <tobias@strongswan.org>

Tue, 20 Mar 2012 16:31:17 +0000 (17:31 +0100)
author Tobias Brunner <tobias@strongswan.org>
Mon, 12 Dec 2011 17:38:32 +0000 (18:38 +0100)
committer Tobias Brunner <tobias@strongswan.org>
Tue, 20 Mar 2012 16:31:17 +0000 (17:31 +0100)
diff --git a/src/libcharon/sa/tasks/xauth.c b/src/libcharon/sa/tasks/xauth.c

index de93935a9adb51803213351294081dfd9eca9fb1..4fd896e3cc22c8a0c861490f77cda5a99e0c92f1 100644 (file)
--- a/src/libcharon/sa/tasks/xauth.c
+++ b/src/libcharon/sa/tasks/xauth.c
@@ -277,9 +277,12 @@ METHOD(task_t, process_i_status, status_t,
                 DBG1(DBG_IKE, "received invalid XAUTH status response");
                 return FAILED;
         }
-
+       if (this->status != XAUTH_OK)
+       {
+               DBG1(DBG_IKE, "destroying IKE_SA after failed XAuth authentication");
+               return FAILED;
+       }
         establish(this);
-
         return SUCCESS;
  }
author	Tobias Brunner <tobias@strongswan.org>
	Mon, 12 Dec 2011 17:38:32 +0000 (18:38 +0100)
committer	Tobias Brunner <tobias@strongswan.org>
	Tue, 20 Mar 2012 16:31:17 +0000 (17:31 +0100)