diff options
| author |   hshoexer <hshoexer@openbsd.org> | 2004-08-02 15:48:22 +0000 |
|---|---|---|
| committer | hshoexer <hshoexer@openbsd.org> | 2004-08-02 15:48:22 +0000 |
| commit | 90cd60399d5f36461af02d13253ea28121c91a15 (patch) | |
| tree | 855c1a344da79c08d9f989a33760a73485e9824e | |
| parent | Missed to add virtual.c here. Noted by Benjamin Pineau. (diff) | |
| download | wireguard-openbsd-90cd60399d5f36461af02d13253ea28121c91a15.tar.xz wireguard-openbsd-90cd60399d5f36461af02d13253ea28121c91a15.zip | |
Do not expire unestablished phase 2 SAs on SIGHUP.
ok ho@
| -rw-r--r-- | sbin/isakmpd/sa.c | 10 |
1 files changed, 7 insertions, 3 deletions
diff --git a/sbin/isakmpd/sa.c b/sbin/isakmpd/sa.c index ec0af7d4bff..f0fa8d8f336 100644 --- a/sbin/isakmpd/sa.c +++ b/sbin/isakmpd/sa.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sa.c,v 1.83 2004/06/21 23:27:10 ho Exp $ */ +/* $OpenBSD: sa.c,v 1.84 2004/08/02 15:48:22 hshoexer Exp $ */ /* $EOM: sa.c,v 1.112 2000/12/12 00:22:52 niklas Exp $ */ /* @@ -1128,12 +1128,16 @@ sa_reinit(void) LOG_DBG((LOG_SA, 30, "sa_reinit: renegotiating active connections")); - /* Get phase 2 SAs. Soft expire those without active exchanges. */ + /* + * Get phase 2 SAs. Soft expire those without active exchanges. Do + * not touch a phase 2 SA where the soft expiration is not set, ie. + * the SA is not yet established. + * */ for (i = 0; i <= bucket_mask; i++) for (sa = LIST_FIRST(&sa_tab[i]); sa; sa = LIST_NEXT(sa, link)) if (sa->phase == 2) if (exchange_lookup_by_name(sa->name, - sa->phase) == 0) { + sa->phase) == 0 && sa->soft_death) { timer_remove_event(sa->soft_death); sa_soft_expire(sa); } |