diff options
| author | Mike Belopuhov <mikeb@cvs.openbsd.org> | 2012-05-30 09:39:36 +0000 |
|---|---|---|
| committer | Mike Belopuhov <mikeb@cvs.openbsd.org> | 2012-05-30 09:39:36 +0000 |
| commit | f9cd2a2bc81d7782602c5ea41b55da945c6d1837 (patch) | |
| tree | c5439cd371e7ccd9cf26899a0f61e1fe090de3a8 /sbin/iked/ikev2.c | |
| parent | fdd072e80ce3563e1803e324d6493b4b33fc4262 (diff) | |
when changing peer's address in the SA, remove the old entry from the
tree before doing the actual change, otherwise we won't remove anything
for real. also add the newly created SA to the peer's tree so that
initiator timer will treat the ike policy as "in progress".
Diffstat (limited to 'sbin/iked/ikev2.c')
| -rw-r--r-- | sbin/iked/ikev2.c | 8 |
1 files changed, 7 insertions, 1 deletions
diff --git a/sbin/iked/ikev2.c b/sbin/iked/ikev2.c index 3d8720a1300..a478758bfc1 100644 --- a/sbin/iked/ikev2.c +++ b/sbin/iked/ikev2.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ikev2.c,v 1.63 2012/05/30 09:18:13 mikeb Exp $ */ +/* $OpenBSD: ikev2.c,v 1.64 2012/05/30 09:39:35 mikeb Exp $ */ /* $vantronix: ikev2.c,v 1.101 2010/06/03 07:57:33 reyk Exp $ */ /* @@ -788,6 +788,12 @@ ikev2_init_ike_sa_peer(struct iked *env, struct iked_policy *pol, goto done; } + memcpy(&sa->sa_polpeer, &pol->pol_peer, sizeof(sa->sa_polpeer)); + if (RB_INSERT(iked_sapeers, &pol->pol_sapeers, sa)) { + log_debug("%s: conflicting sa", __func__); + goto done; + } + if ((ret = ikev2_msg_send(env, &req)) == 0) sa_state(env, sa, IKEV2_STATE_SA_INIT); |