diff options
| author | Markus Friedl <markus@cvs.openbsd.org> | 2004-04-28 03:19:53 +0000 |
|---|---|---|
| committer | Markus Friedl <markus@cvs.openbsd.org> | 2004-04-28 03:19:53 +0000 |
| commit | ba6a1af885957ee62045876c4b4d4bc1e93c40f3 (patch) | |
| tree | 3c9735fcde05275b6a8c5f5996881c80aa8c1a2a | |
| parent | e93cfab72a7ba1cbf9324486e7629d6ad270284e (diff) | |
make sure send and reply are in sync; ok henning
| -rw-r--r-- | usr.sbin/bgpd/pfkey.c | 26 |
1 files changed, 25 insertions, 1 deletions
diff --git a/usr.sbin/bgpd/pfkey.c b/usr.sbin/bgpd/pfkey.c index f0453e3e13c..ad64dbd893c 100644 --- a/usr.sbin/bgpd/pfkey.c +++ b/usr.sbin/bgpd/pfkey.c @@ -1,4 +1,4 @@ -/* $OpenBSD: pfkey.c,v 1.23 2004/04/28 02:57:00 henning Exp $ */ +/* $OpenBSD: pfkey.c,v 1.24 2004/04/28 03:19:52 markus Exp $ */ /* * Copyright (c) 2003, 2004 Henning Brauer <henning@openbsd.org> @@ -538,6 +538,8 @@ pfkey_ipsec_establish(struct peer *p) auth->enc_key_out, 0, 0) < 0) return (-1); + if (pfkey_reply(fd, NULL) < 0) + return (-1); if (pfkey_send(fd, SADB_SATYPE_ESP, SADB_ADD, 0, &p->conf.remote_addr, &p->conf.local_addr, auth->spi_in, @@ -547,23 +549,33 @@ pfkey_ipsec_establish(struct peer *p) auth->enc_key_in, 0, 0) < 0) return (-1); + if (pfkey_reply(fd, NULL) < 0) + return (-1); } if (pfkey_flow(fd, SADB_X_ADDFLOW, IPSP_DIRECTION_OUT, &p->conf.local_addr, &p->conf.remote_addr, 0, BGP_PORT) < 0) return (-1); + if (pfkey_reply(fd, NULL) < 0) + return (-1); if (pfkey_flow(fd, SADB_X_ADDFLOW, IPSP_DIRECTION_OUT, &p->conf.local_addr, &p->conf.remote_addr, BGP_PORT, 0) < 0) return (-1); + if (pfkey_reply(fd, NULL) < 0) + return (-1); if (pfkey_flow(fd, SADB_X_ADDFLOW, IPSP_DIRECTION_IN, &p->conf.remote_addr, &p->conf.local_addr, 0, BGP_PORT) < 0) return (-1); + if (pfkey_reply(fd, NULL) < 0) + return (-1); if (pfkey_flow(fd, SADB_X_ADDFLOW, IPSP_DIRECTION_IN, &p->conf.remote_addr, &p->conf.local_addr, BGP_PORT, 0) < 0) return (-1); + if (pfkey_reply(fd, NULL) < 0) + return (-1); p->auth_established = 1; return (0); @@ -578,29 +590,41 @@ pfkey_ipsec_remove(struct peer *p) p->conf.auth.spi_out, 0, 0, NULL, 0, 0, NULL, 0, 0) < 0) return (-1); + if (pfkey_reply(fd, NULL) < 0) + return (-1); if (pfkey_send(fd, SADB_SATYPE_ESP, SADB_DELETE, 0, &p->conf.remote_addr, &p->conf.local_addr, p->conf.auth.spi_in, 0, 0, NULL, 0, 0, NULL, 0, 0) < 0) return (-1); + if (pfkey_reply(fd, NULL) < 0) + return (-1); } if (pfkey_flow(fd, SADB_X_DELFLOW, IPSP_DIRECTION_OUT, &p->conf.local_addr, &p->conf.remote_addr, 0, BGP_PORT) < 0) return (-1); + if (pfkey_reply(fd, NULL) < 0) + return (-1); if (pfkey_flow(fd, SADB_X_DELFLOW, IPSP_DIRECTION_OUT, &p->conf.local_addr, &p->conf.remote_addr, BGP_PORT, 0) < 0) return (-1); + if (pfkey_reply(fd, NULL) < 0) + return (-1); if (pfkey_flow(fd, SADB_X_DELFLOW, IPSP_DIRECTION_IN, &p->conf.remote_addr, &p->conf.local_addr, 0, BGP_PORT) < 0) return (-1); + if (pfkey_reply(fd, NULL) < 0) + return (-1); if (pfkey_flow(fd, SADB_X_DELFLOW, IPSP_DIRECTION_IN, &p->conf.remote_addr, &p->conf.local_addr, BGP_PORT, 0) < 0) return (-1); + if (pfkey_reply(fd, NULL) < 0) + return (-1); return (0); } |