diff options
| author | Markus Friedl <markus@cvs.openbsd.org> | 2005-10-26 20:10:50 +0000 |
|---|---|---|
| committer | Markus Friedl <markus@cvs.openbsd.org> | 2005-10-26 20:10:50 +0000 |
| commit | fd94bc876ef0669419fc6ff53f59df62559c9be0 (patch) | |
| tree | 678a6492f5f183a2bdd7d84d9099b491666c0662 /sbin/isakmpd/dpd.c | |
| parent | 0cd1a7ddb5c254ea2b8941c4cb373687682b49a8 (diff) | |
don't send DPD messages before the exchange is finialized, otherwise
we have a race between DPD and exchange timeouts and both will release
the SA and corrupt the SA list. ok hshoexer@, ho@
Diffstat (limited to 'sbin/isakmpd/dpd.c')
| -rw-r--r-- | sbin/isakmpd/dpd.c | 22 |
1 files changed, 14 insertions, 8 deletions
diff --git a/sbin/isakmpd/dpd.c b/sbin/isakmpd/dpd.c index 040b030a3b6..61fdd63843e 100644 --- a/sbin/isakmpd/dpd.c +++ b/sbin/isakmpd/dpd.c @@ -1,4 +1,4 @@ -/* $OpenBSD: dpd.c,v 1.13 2005/05/04 10:05:01 hshoexer Exp $ */ +/* $OpenBSD: dpd.c,v 1.14 2005/10/26 20:10:48 markus Exp $ */ /* * Copyright (c) 2004 Håkan Olsson. All rights reserved. @@ -122,19 +122,25 @@ dpd_check_vendor_payload(struct message *msg, struct payload *p) msg->exchange->flags |= EXCHANGE_FLAG_DPD_CAP_PEER; LOG_DBG((LOG_EXCHANGE, 10, "dpd_check_vendor_payload: " "DPD capable peer detected")); - if (dpd_timer_interval(0) != 0) { - LOG_DBG((LOG_EXCHANGE, 10, - "dpd_check_vendor_payload: enabling")); - msg->isakmp_sa->flags |= SA_FLAG_DPD; - dpd_timer_reset(msg->isakmp_sa, 0, - DPD_TIMER_NORMAL); - } } p->flags |= PL_MARK; } } /* + * Arm the DPD timer + */ +void +dpd_start(struct sa *isakmp_sa) +{ + if (dpd_timer_interval(0) != 0) { + LOG_DBG((LOG_EXCHANGE, 10, "dpd_enable: enabling")); + isakmp_sa->flags |= SA_FLAG_DPD; + dpd_timer_reset(isakmp_sa, 0, DPD_TIMER_NORMAL); + } +} + +/* * All incoming DPD Notify messages enter here. Message has been validated. */ void |