diff options
| author | tobhe <tobhe@cvs.openbsd.org> | 2020-04-08 20:04:20 +0000 |
|---|---|---|
| committer | tobhe <tobhe@cvs.openbsd.org> | 2020-04-08 20:04:20 +0000 |
| commit | fd5d15cab6d9936926337ebb76ea3ce2598790ce (patch) | |
| tree | 6a09d23c364a6051c2cf1529bd279b382f68b6a8 /sbin/iked/ikev2.c | |
| parent | 201287c99756a195213b7a8f685b7e6b08c7ba8b (diff) | |
Prevent multiple ibuf leaks. Clean up on proccess shutdown.
ok markus@
Diffstat (limited to 'sbin/iked/ikev2.c')
| -rw-r--r-- | sbin/iked/ikev2.c | 13 |
1 files changed, 12 insertions, 1 deletions
diff --git a/sbin/iked/ikev2.c b/sbin/iked/ikev2.c index b41303a6a25..4074ea549b8 100644 --- a/sbin/iked/ikev2.c +++ b/sbin/iked/ikev2.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ikev2.c,v 1.211 2020/04/05 13:52:14 tobhe Exp $ */ +/* $OpenBSD: ikev2.c,v 1.212 2020/04/08 20:04:19 tobhe Exp $ */ /* * Copyright (c) 2019 Tobias Heider <tobias.heider@stusta.de> @@ -55,6 +55,7 @@ void ikev2_log_proposal(struct iked_sa *, struct iked_proposals *); void ikev2_log_cert_info(const char *, struct iked_id *); void ikev2_run(struct privsep *, struct privsep_proc *, void *); +void ikev2_shutdown(struct privsep_proc *); int ikev2_dispatch_parent(int, struct privsep_proc *, struct imsg *); int ikev2_dispatch_cert(int, struct privsep_proc *, struct imsg *); int ikev2_dispatch_control(int, struct privsep_proc *, struct imsg *); @@ -189,10 +190,20 @@ ikev2_run(struct privsep *ps, struct privsep_proc *p, void *arg) * recvfd - for PFKEYv2 and the listening UDP sockets. * In theory, recvfd could be dropped after getting the fds once. */ + p->p_shutdown = ikev2_shutdown; if (pledge("stdio inet recvfd", NULL) == -1) fatal("pledge"); } +void +ikev2_shutdown(struct privsep_proc *p) +{ + struct iked *env = p->p_env; + + ibuf_release(env->sc_certreq); + env->sc_certreq = NULL; +} + int ikev2_dispatch_parent(int fd, struct privsep_proc *p, struct imsg *imsg) { |