diff options
| author |   hshoexer <hshoexer@openbsd.org> | 2006-03-20 16:49:12 +0000 |
|---|---|---|
| committer | hshoexer <hshoexer@openbsd.org> | 2006-03-20 16:49:12 +0000 |
| commit | 5e7785a12fa5f068a82dea647c2680dd62c00302 (patch) | |
| tree | 31ba37a13cb493108e5a9791b335e570d91840d6 | |
| parent | make sure the command fifo is ready before isakmpd returns. This (diff) | |
| download | wireguard-openbsd-5e7785a12fa5f068a82dea647c2680dd62c00302.tar.xz wireguard-openbsd-5e7785a12fa5f068a82dea647c2680dd62c00302.zip | |
When adding a connection, do not explicitly start that connection
using "t" and "c" fifo commands. This is prone to a race when
adding several tunnels between the same peers. Just let isakmpd
start that connection on its own (using the connection checker).
| -rw-r--r-- | sbin/ipsecctl/ike.c | 4 |
1 files changed, 1 insertions, 3 deletions
diff --git a/sbin/ipsecctl/ike.c b/sbin/ipsecctl/ike.c index e44d3bf9288..bcd7cd905a7 100644 --- a/sbin/ipsecctl/ike.c +++ b/sbin/ipsecctl/ike.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ike.c,v 1.18 2006/03/07 00:19:58 reyk Exp $ */ +/* $OpenBSD: ike.c,v 1.19 2006/03/20 16:49:12 hshoexer Exp $ */ /* * Copyright (c) 2005 Hans-Joerg Hoexer <hshoexer@openbsd.org> * @@ -317,8 +317,6 @@ ike_connect(u_int8_t mode, struct ipsec_addr_wrap *src, struct ipsec_addr_wrap case IKE_DYNAMIC: fprintf(fd, ADD "[Phase 2]:Connections=IPsec-%s-%s\n", src->name, dst->name); - fprintf(fd, "t IPsec-%s-%s\n", src->name, dst->name); - fprintf(fd, "c IPsec-%s-%s\n", src->name, dst->name); break; case IKE_PASSIVE: fprintf(fd, ADD "[Phase 2]:Passive-Connections=IPsec-%s-%s\n", |