summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMarkus Friedl <markus@cvs.openbsd.org>2011-08-02 22:51:39 +0000
committerMarkus Friedl <markus@cvs.openbsd.org>2011-08-02 22:51:39 +0000
commitbdb52db09c0de956e90699ce3ddf524996164e9e (patch)
treec6d9e2866ee5cc1cd7dd067fd57d2bd7684e7ca0
parent5f10cb3b0fb59369a6f910594382901c990f07b1 (diff)
add refcounting for "Configuration" section for acquire-mode SAs
ok mikeb@
-rw-r--r--sbin/isakmpd/pf_key_v2.c8
1 files changed, 5 insertions, 3 deletions
diff --git a/sbin/isakmpd/pf_key_v2.c b/sbin/isakmpd/pf_key_v2.c
index ffca011c4a6..ac322333898 100644
--- a/sbin/isakmpd/pf_key_v2.c
+++ b/sbin/isakmpd/pf_key_v2.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: pf_key_v2.c,v 1.186 2010/09/22 13:45:16 mikeb Exp $ */
+/* $OpenBSD: pf_key_v2.c,v 1.187 2011/08/02 22:51:38 markus Exp $ */
/* $EOM: pf_key_v2.c,v 1.79 2000/12/12 00:33:19 niklas Exp $ */
/*
@@ -2108,7 +2108,7 @@ passed:
af = conf_begin();
configname = conf_get_str(section, "Configuration");
- conf_remove_section(af, configname);
+ pf_key_v2_conf_refhandle(af, configname);
/* These are the Phase 2 Local/Remote IDs. */
localid = conf_get_str(section, "Local-ID");
@@ -3272,6 +3272,7 @@ pf_key_v2_acquire(struct pf_key_v2_msg *pmsg)
if (!conf_get_str(configname, "Exchange_type")) {
if (conf_set(af, configname, "Exchange_type", "Quick_mode",
0, 0) ||
+ conf_set(af, peer, "Refcount", "1", 0, 0) ||
conf_set(af, configname, "DOI", "IPSEC", 0, 0)) {
conf_end(af, 0);
goto fail;
@@ -3290,7 +3291,8 @@ pf_key_v2_acquire(struct pf_key_v2_msg *pmsg)
goto fail;
}
}
- }
+ } else
+ pf_key_v2_conf_refinc(af, configname);
/* Set the ISAKMP-peer section. */
if (!conf_get_str(peer, "Phase")) {