diff options
author | tobhe <tobhe@cvs.openbsd.org> | 2019-11-15 13:55:14 +0000 |
---|---|---|
committer | tobhe <tobhe@cvs.openbsd.org> | 2019-11-15 13:55:14 +0000 |
commit | 15d0ea1920dccd1bc053bd73bd8944f152db4caf (patch) | |
tree | c8fa17803848c48a2d9cdf042e222de7f24ae379 /sbin/iked | |
parent | 066d426b1d87c941aeca5705fa0962154ea8ac14 (diff) |
Fix error handling in ikev2_msg_send.
Check sa is not NULL before using it. Use sa consistently instead of
mixing sa and msg->msg_sa. In the error case, if sa is not NULL, save
the message for retransmission and return 0 instead of -1.
ok mikeb@
Diffstat (limited to 'sbin/iked')
-rw-r--r-- | sbin/iked/ikev2_msg.c | 23 |
1 files changed, 12 insertions, 11 deletions
diff --git a/sbin/iked/ikev2_msg.c b/sbin/iked/ikev2_msg.c index d8e005eeb11..d36e9b3b2d7 100644 --- a/sbin/iked/ikev2_msg.c +++ b/sbin/iked/ikev2_msg.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ikev2_msg.c,v 1.58 2019/11/13 12:24:40 tobhe Exp $ */ +/* $OpenBSD: ikev2_msg.c,v 1.59 2019/11/15 13:55:13 tobhe Exp $ */ /* * Copyright (c) 2019 Tobias Heider <tobias.heider@stusta.de> @@ -315,7 +315,7 @@ ikev2_msg_send(struct iked *env, struct iked_message *msg) msg->msg_offset, sizeof(*hdr))) == NULL) return (-1); - isnatt = (msg->msg_natt || (msg->msg_sa && msg->msg_sa->sa_natt)); + isnatt = (msg->msg_natt || (sa && sa->sa_natt)); exchange = hdr->ike_exchange; flags = hdr->ike_flags; @@ -338,19 +338,20 @@ ikev2_msg_send(struct iked *env, struct iked_message *msg) if (sendtofrom(msg->msg_fd, ibuf_data(buf), ibuf_size(buf), 0, (struct sockaddr *)&msg->msg_peer, msg->msg_peerlen, (struct sockaddr *)&msg->msg_local, msg->msg_locallen) == -1) { - if (errno == EADDRNOTAVAIL) { - sa_state(env, msg->msg_sa, IKEV2_STATE_CLOSING); - timer_del(env, &msg->msg_sa->sa_timer); - timer_set(env, &msg->msg_sa->sa_timer, - ikev2_ike_sa_timeout, msg->msg_sa); - timer_add(env, &msg->msg_sa->sa_timer, + log_warn("%s: sendtofrom", __func__); + if (sa != NULL && errno == EADDRNOTAVAIL) { + sa_state(env, sa, IKEV2_STATE_CLOSING); + timer_del(env, &sa->sa_timer); + timer_set(env, &sa->sa_timer, + ikev2_ike_sa_timeout, sa); + timer_add(env, &sa->sa_timer, IKED_IKE_SA_DELETE_TIMEOUT); } - log_warn("%s: sendtofrom", __func__); - return (-1); + if (sa != NULL) + return (-1); } - if (!sa) + if (sa == NULL) return (0); if ((m = ikev2_msg_copy(env, msg)) == NULL) { |