summaryrefslogtreecommitdiff
path: root/sbin/isakmpd/sa.c
diff options
context:
space:
mode:
authorNiklas Hallqvist <niklas@cvs.openbsd.org>1999-06-02 06:29:36 +0000
committerNiklas Hallqvist <niklas@cvs.openbsd.org>1999-06-02 06:29:36 +0000
commitb7d8656b9687949f4de84f14316f58092b7d6010 (patch)
treec1531b67715cbc9301ed2bf3337adaefb4cc3509 /sbin/isakmpd/sa.c
parent311e92a35807067444a86e746f9700054ae3757a (diff)
Merge with EOM 1.95
author: niklas Some extra error checking, documentation and style wrt connections author: ho New flag author: niklas SA expiration randomization is really only good on the soft timeout, early hard expires may break more if we have a situation where our peer only wants to act as initiator, and trusts the negotiated lifetime.
Diffstat (limited to 'sbin/isakmpd/sa.c')
-rw-r--r--sbin/isakmpd/sa.c44
1 files changed, 21 insertions, 23 deletions
diff --git a/sbin/isakmpd/sa.c b/sbin/isakmpd/sa.c
index 168c6f436c4..4fe19de7546 100644
--- a/sbin/isakmpd/sa.c
+++ b/sbin/isakmpd/sa.c
@@ -1,5 +1,5 @@
-/* $OpenBSD: sa.c,v 1.20 1999/05/14 20:09:50 niklas Exp $ */
-/* $EOM: sa.c,v 1.92 1999/05/09 20:26:17 ho Exp $ */
+/* $OpenBSD: sa.c,v 1.21 1999/06/02 06:29:35 niklas Exp $ */
+/* $EOM: sa.c,v 1.95 1999/05/30 14:12:33 niklas Exp $ */
/*
* Copyright (c) 1998, 1999 Niklas Hallqvist. All rights reserved.
@@ -627,8 +627,7 @@ sa_hard_expire (void *v_sa)
}
/*
- * Get a SA attribute's flag value out of textual description.
- * XXX Kind of overkill for just one attribute, maybe simplify?
+ * Get an SA attribute's flag value out of textual description.
*/
int
sa_flag (char *attr)
@@ -637,7 +636,8 @@ sa_flag (char *attr)
char *name;
int flag;
} sa_flag_map[] = {
- { "stayalive", SA_FLAG_STAYALIVE }
+ { "stayalive", SA_FLAG_STAYALIVE },
+ { "active-only", SA_FLAG_ACTIVE_ONLY }
};
int i;
@@ -669,29 +669,24 @@ sa_setup_expirations (struct sa *sa)
struct timeval expiration;
/*
- * Decrease lifetime by random 0-5% to break strictly synchronized
- * renegotiations. Works better when the randomization is of the
+ * Set the soft timeout to a random percentage between 85 & 95 of
+ * the negotiated lifetime to break strictly synchronized
+ * renegotiations. This works better when the randomization is on the
* order of processing plus network-roundtrip times, or larger.
- * I.e depends on configuration and negotiated lifetimes.
- * This decrease is only done if we have a name, and thus can act as
- * initiator at the expiry time, otherwise we may drop our SA before
- * our peer, with no possibility to reestablish it.
+ * I.e. it depends on configuration and negotiated lifetimes.
+ * It is not good to do the decrease on the hard timeout, because then
+ * we may drop our SA before our peer.
* XXX Better scheme to come?
*/
- if (sa->name)
- {
- seconds = sa->seconds * (950 + sysdep_random () % 51) / 1000;
-
- log_debug (LOG_TIMER, 95,
- "sa_setup_expirations: "
- "SA lifetime reset from %qd to %qd seconds",
- sa->seconds, seconds);
- }
-
if (!sa->soft_death)
{
gettimeofday (&expiration, 0);
- expiration.tv_sec += seconds * 9 / 10;
+ /* XXX This should probably be configuration controlled somehow. */
+ seconds = sa->seconds * (850 + sysdep_random () % 100) / 1000;
+ log_debug (LOG_TIMER, 95,
+ "sa_setup_expirations: SA %p soft timeout in %qd seconds",
+ seconds);
+ expiration.tv_sec += seconds;
sa->soft_death
= timer_add_event ("sa_soft_expire", sa_soft_expire, sa, &expiration);
if (!sa->soft_death)
@@ -705,7 +700,10 @@ sa_setup_expirations (struct sa *sa)
if (!sa->death)
{
gettimeofday(&expiration, 0);
- expiration.tv_sec += seconds;
+ log_debug (LOG_TIMER, 95,
+ "sa_setup_expirations: SA %p hard timeout in %qd seconds",
+ sa->seconds);
+ expiration.tv_sec += sa->seconds;
sa->death
= timer_add_event ("sa_hard_expire", sa_hard_expire, sa, &expiration);
if (!sa->death)