From 85a6fe2306a468ba12952ccc4c4e00a770b55ab8 Mon Sep 17 00:00:00 2001
From: Tobias Brunner <tobias@strongswan.org>
Date: Thu, 23 Aug 2018 17:54:29 +0200
Subject: [PATCH] ikev1: Signal IKE_SA connection failure via bus

This is mainly for HA where a passive SA was already created when the
IKE keys were derived.  If e.g. an authentication error occurs later that
SA wouldn't get cleaned up.
---
 src/libcharon/sa/ikev1/task_manager_v1.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/src/libcharon/sa/ikev1/task_manager_v1.c b/src/libcharon/sa/ikev1/task_manager_v1.c
index 3472d2c35..3f1a97bc4 100644
--- a/src/libcharon/sa/ikev1/task_manager_v1.c
+++ b/src/libcharon/sa/ikev1/task_manager_v1.c
@@ -721,6 +721,7 @@ METHOD(task_manager_t, initiate, status_t,
 		{
 			case IKE_CONNECTING:
 				/* close after sending an INFORMATIONAL when unestablished */
+				charon->bus->ike_updown(charon->bus, this->ike_sa, FALSE);
 				return FAILED;
 			case IKE_DELETING:
 				/* close after sending a DELETE */