authorTobias Heider <tobhe@cvs.openbsd.org>2024-02-15 19:11:01 +0000
committerTobias Heider <tobhe@cvs.openbsd.org>2024-02-15 19:11:01 +0000
commitea65e74e4b9c1688030920033aae73867542f4b9 (patch)
tree1c8590791c07b7a8e78c5a3b2ddbf5231bed6731
parentf659aa1d17aebcf803eb0fc60c288c988610bd46 (diff)
Delay enabling sockets until ikev2 process is ready.
from markus@
-rw-r--r--sbin/iked/config.c17
-rw-r--r--sbin/iked/iked.h3
-rw-r--r--sbin/iked/ikev2.c3
3 files changed, 19 insertions, 4 deletions
diff --git a/sbin/iked/config.c b/sbin/iked/config.c
index 6398e641bdc..ff24c4bcc93 100644
--- a/sbin/iked/config.c
+++ b/sbin/iked/config.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: config.c,v 1.96 2024/02/13 12:25:11 tobhe Exp $ */
+/* $OpenBSD: config.c,v 1.97 2024/02/15 19:11:00 tobhe Exp $ */
/*
* Copyright (c) 2019 Tobias Heider <tobias.heider@stusta.de>
@@ -651,11 +651,24 @@ config_getsocket(struct iked *env, struct imsg *imsg,
event_set(&sock->sock_ev, sock->sock_fd,
EV_READ|EV_PERSIST, cb, sock);
- event_add(&sock->sock_ev, NULL);
return (0);
}
+void
+config_enablesocket(struct iked *env)
+{
+ struct iked_socket *sock;
+ size_t i;
+
+ for (i = 0; i < nitems(env->sc_sock4); i++)
+ if ((sock = env->sc_sock4[i]) != NULL)
+ event_add(&sock->sock_ev, NULL);
+ for (i = 0; i < nitems(env->sc_sock6); i++)
+ if ((sock = env->sc_sock6[i]) != NULL)
+ event_add(&sock->sock_ev, NULL);
+}
+
int
config_setpfkey(struct iked *env)
{
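Review bot: The return value of `event_add()` is discarded in both loops of `config_enablesocket()`, so a failed registration would leave that IKE socket disarmed with nothing in the log. Because this function is now the only place the sockets are armed, I would check it, e.g. `if (event_add(&sock->sock_ev, NULL) == -1) log_warn("%s: event_add", __func__);`. A one-line comment above the function saying why arming is deferred (nothing is read from the network until the mode message has been handled) would record the invariant. A socket that reaches `config_getsocket()` after that message presumably stays disabled until the next one; that is worth confirming against the callers, which are not visible here. `config_getsocket()` itself starts outside this hunk.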
diff --git a/sbin/iked/iked.h b/sbin/iked/iked.h
index 3133764eac6..f13e6a08d43 100644
--- a/sbin/iked/iked.h
+++ b/sbin/iked/iked.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: iked.h,v 1.227 2024/02/15 19:04:12 tobhe Exp $ */
+/* $OpenBSD: iked.h,v 1.228 2024/02/15 19:11:00 tobhe Exp $ */
/*
* Copyright (c) 2019 Tobias Heider <tobias.heider@stusta.de>
@@ -925,6 +925,7 @@ int config_setsocket(struct iked *, struct sockaddr_storage *, in_port_t,
enum privsep_procid);
int config_getsocket(struct iked *env, struct imsg *,
void (*cb)(int, short, void *));
+void config_enablesocket(struct iked *env);
int config_setpfkey(struct iked *);
int config_getpfkey(struct iked *, struct imsg *);
int config_setuser(struct iked *, struct iked_user *, enum privsep_procid);
diff --git a/sbin/iked/ikev2.c b/sbin/iked/ikev2.c
index 0f7a966a623..8bbbeb34b1d 100644
--- a/sbin/iked/ikev2.c
+++ b/sbin/iked/ikev2.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ikev2.c,v 1.383 2024/01/24 10:09:07 tobhe Exp $ */
+/* $OpenBSD: ikev2.c,v 1.384 2024/02/15 19:11:00 tobhe Exp $ */
/*
* Copyright (c) 2019 Tobias Heider <tobias.heider@stusta.de>
@@ -248,6 +248,7 @@ ikev2_dispatch_parent(int fd, struct privsep_proc *p, struct imsg *imsg)
case IMSG_CTL_PASSIVE:
if (config_getmode(env, imsg->hdr.type) == -1)
return (0); /* ignore error */
+ config_enablesocket(env);
timer_del(env, &env->sc_inittmr);
TAILQ_FOREACH(pol, &env->sc_policies, pol_entry) {
if (policy_generate_ts(pol) == -1)
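Review bot: When `config_getmode()` fails, the early `return (0); /* ignore error */` now also skips `config_enablesocket(env)`, so the sockets are never armed and the daemon does not answer IKE traffic, without any log line. Failing closed is probably the intended behaviour, but before this commit the sockets were armed in `config_getsocket()`, so the ignored error has a new consequence. I would log it on that path, e.g. `log_warnx("%s: config_getmode failed, sockets stay disabled", __func__);`, or at least extend the comment to say so. The body of `ikev2_dispatch_parent()` continues outside the hunk.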