summaryrefslogtreecommitdiff
path: root/sbin/isakmpd
diff options
context:
space:
mode:
authorHans-Joerg Hoexer <hshoexer@cvs.openbsd.org>2005-02-16 22:00:15 +0000
committerHans-Joerg Hoexer <hshoexer@cvs.openbsd.org>2005-02-16 22:00:15 +0000
commit1d89342315864445a398b33c404d7d30e34acd05 (patch)
treeca59953f7fe3705c12a2f05b0cecdbc47ba7ba12 /sbin/isakmpd
parentf1bb225f28476909e1b5f37bd00186376627ede3 (diff)
On shutdown also send delete messages for isakmp SAs.
ok ho
Diffstat (limited to 'sbin/isakmpd')
-rw-r--r--sbin/isakmpd/isakmpd.c20
-rw-r--r--sbin/isakmpd/sa.c5
2 files changed, 17 insertions, 8 deletions
diff --git a/sbin/isakmpd/isakmpd.c b/sbin/isakmpd/isakmpd.c
index 8675201b02c..8cda945f7bb 100644
--- a/sbin/isakmpd/isakmpd.c
+++ b/sbin/isakmpd/isakmpd.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: isakmpd.c,v 1.68 2004/09/17 14:54:09 hshoexer Exp $ */
+/* $OpenBSD: isakmpd.c,v 1.69 2005/02/16 22:00:14 hshoexer Exp $ */
/* $EOM: isakmpd.c,v 1.54 2000/10/05 09:28:22 niklas Exp $ */
/*
@@ -298,6 +298,12 @@ phase2_sa_check(struct sa *sa, void *arg)
return sa->phase == 2;
}
+static int
+phase1_sa_check(struct sa *sa, void *arg)
+{
+ return sa->phase == 1;
+}
+
static void
daemon_shutdown(void)
{
@@ -307,11 +313,15 @@ daemon_shutdown(void)
if (sigtermed == 1) {
log_print("isakmpd: shutting down...");
- /* Delete all active phase 2 SAs. */
- while ((sa = sa_find(phase2_sa_check, NULL))) {
- /* Each DELETE is another (outgoing) message. */
+ /*
+ * Delete all active SAs. First IPsec SAs, then ISAKMPD.
+ * Each DELETE is another (outgoing) message.
+ */
+ while ((sa = sa_find(phase2_sa_check, NULL)))
+ sa_delete(sa, 1);
+
+ while ((sa = sa_find(phase1_sa_check, NULL)))
sa_delete(sa, 1);
- }
sigtermed++;
}
if (transport_prio_sendqs_empty()) {
diff --git a/sbin/isakmpd/sa.c b/sbin/isakmpd/sa.c
index c5b4a5178de..836200c64d6 100644
--- a/sbin/isakmpd/sa.c
+++ b/sbin/isakmpd/sa.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sa.c,v 1.87 2005/01/30 12:36:13 hshoexer Exp $ */
+/* $OpenBSD: sa.c,v 1.88 2005/02/16 22:00:14 hshoexer Exp $ */
/* $EOM: sa.c,v 1.112 2000/12/12 00:22:52 niklas Exp $ */
/*
@@ -1043,8 +1043,7 @@ cleanup:
void
sa_delete(struct sa *sa, int notify)
{
- /* Don't bother notifying of Phase 1 SA deletes. */
- if (sa->phase != 1 && notify)
+ if (notify)
message_send_delete(sa);
sa_free(sa);
}