Source-Changes-HG archive
[src/trunk]: src/crypto/dist/ipsec-tools/src/racoon Remove initial-contact en...
details: https://anonhg.NetBSD.org/src/rev/b967b907851b
branches: trunk
changeset: 758135:b967b907851b
user: tteras <tteras%NetBSD.org@localhost>
date: Thu Oct 21 06:04:33 2010 +0000
description:
Remove initial-contact entry when all ISAKMP-SA are purged via adminport.
This will avoid stale security associations if some of the delete
notifications happen to get lost.
diffstat:
crypto/dist/ipsec-tools/src/racoon/admin.c | 6 +++---
crypto/dist/ipsec-tools/src/racoon/handler.c | 18 +++++++++++++++++-
crypto/dist/ipsec-tools/src/racoon/handler.h | 3 ++-
3 files changed, 22 insertions(+), 5 deletions(-)
diffs (77 lines):
diff -r bae9b7d42296 -r b967b907851b crypto/dist/ipsec-tools/src/racoon/admin.c
--- a/crypto/dist/ipsec-tools/src/racoon/admin.c Thu Oct 21 01:02:34 2010 +0000
+++ b/crypto/dist/ipsec-tools/src/racoon/admin.c Thu Oct 21 06:04:33 2010 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: admin.c,v 1.33 2010/09/22 13:37:35 vanhu Exp $ */
+/* $NetBSD: admin.c,v 1.34 2010/10/21 06:04:33 tteras Exp $ */
/* Id: admin.c,v 1.25 2006/04/06 14:31:04 manubsd Exp */
@@ -299,9 +299,8 @@
break;
case ADMIN_DELETE_SA: {
- struct ph1handle *iph1;
+ char *loc, *rem;
struct ph1selector sel;
- char *loc, *rem;
memset(&sel, 0, sizeof(sel));
sel.local = (struct sockaddr *)
@@ -319,6 +318,7 @@
plog(LLV_INFO, LOCATION, NULL,
"admin delete-sa %s %s\n", loc, rem);
enumph1(&sel, admin_ph1_delete_sa, NULL);
+ remcontacted(sel.remote);
racoon_free(loc);
racoon_free(rem);
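Review bot: `remcontacted(sel.remote)` is called unconditionally after `enumph1(&sel, admin_ph1_delete_sa, NULL)`, so the initial-contact entry is dropped even when no phase 1 handle matched the selector, or when `sel.local` narrowed the purge and other ISAKMP-SAs to the same remote may still exist. The contacted list in handler.c is matched on the remote address only, which looks broader than the "all ISAKMP-SA are purged" wording in the description. If the broader behaviour is intended, record it next to the call, e.g. `/* always forget initial-contact state for this peer, even if other ph1 remain */`; otherwise gate the call on no phase 1 remaining for that remote. The enclosing `case ADMIN_DELETE_SA` block starts and ends outside this hunk.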
diff -r bae9b7d42296 -r b967b907851b crypto/dist/ipsec-tools/src/racoon/handler.c
--- a/crypto/dist/ipsec-tools/src/racoon/handler.c Thu Oct 21 01:02:34 2010 +0000
+++ b/crypto/dist/ipsec-tools/src/racoon/handler.c Thu Oct 21 06:04:33 2010 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: handler.c,v 1.32 2010/03/11 15:44:48 christos Exp $ */
+/* $NetBSD: handler.c,v 1.33 2010/10/21 06:04:33 tteras Exp $ */
/* Id: handler.c,v 1.28 2006/05/26 12:17:29 manubsd Exp */
@@ -966,6 +966,22 @@
}
void
+remcontacted(remote)
+ struct sockaddr *remote;
+{
+ struct contacted *p;
+
+ LIST_FOREACH(p, &ctdtree, chain) {
+ if (cmpsaddr(remote, p->remote) == 0) {
+ LIST_REMOVE(p, chain);
+ racoon_free(p->remote);
+ racoon_free(p);
+ break;
+ }
+ }
+}
+
+void
initctdtree()
{
LIST_INIT(&ctdtree);
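Review bot: The match in `remcontacted` is `cmpsaddr(remote, p->remote) == 0`, which appears to accept only an exact address-and-port match. An admin delete-sa that names the peer with a different or wildcard port than the stored one would then leave the entry in place, and the stale-SA case from the description would remain. If exact matching is deliberate, a header comment would make the contract explicit, e.g. `/* Remove the initial-contact entry matching remote exactly; no-op if none exists. */`. The `LIST_REMOVE` inside `LIST_FOREACH` is safe only because of the immediate `break`, which deserves a short comment so that a later change to remove all matches does not iterate over a freed node.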
diff -r bae9b7d42296 -r b967b907851b crypto/dist/ipsec-tools/src/racoon/handler.h
--- a/crypto/dist/ipsec-tools/src/racoon/handler.h Thu Oct 21 01:02:34 2010 +0000
+++ b/crypto/dist/ipsec-tools/src/racoon/handler.h Thu Oct 21 06:04:33 2010 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: handler.h,v 1.22 2009/09/03 09:29:07 tteras Exp $ */
+/* $NetBSD: handler.h,v 1.23 2010/10/21 06:04:33 tteras Exp $ */
/* Id: handler.h,v 1.19 2006/02/25 08:25:12 manubsd Exp */
@@ -518,6 +518,7 @@
extern struct contacted *getcontacted __P((struct sockaddr *));
extern int inscontacted __P((struct sockaddr *));
+extern void remcontacted __P((struct sockaddr *));
extern void initctdtree __P((void));
extern int check_recvdpkt __P((struct sockaddr *,