diff options
author | Hans-Joerg Hoexer <hshoexer@cvs.openbsd.org> | 2005-02-16 22:00:15 +0000 |
---|---|---|
committer | Hans-Joerg Hoexer <hshoexer@cvs.openbsd.org> | 2005-02-16 22:00:15 +0000 |
commit | 1d89342315864445a398b33c404d7d30e34acd05 (patch) | |
tree | ca59953f7fe3705c12a2f05b0cecdbc47ba7ba12 /sbin/isakmpd | |
parent | f1bb225f28476909e1b5f37bd00186376627ede3 (diff) |
On shutdown also send delete messages for isakmp SAs.
ok ho
Diffstat (limited to 'sbin/isakmpd')
-rw-r--r-- | sbin/isakmpd/isakmpd.c | 20 | ||||
-rw-r--r-- | sbin/isakmpd/sa.c | 5 |
2 files changed, 17 insertions, 8 deletions
diff --git a/sbin/isakmpd/isakmpd.c b/sbin/isakmpd/isakmpd.c index 8675201b02c..8cda945f7bb 100644 --- a/sbin/isakmpd/isakmpd.c +++ b/sbin/isakmpd/isakmpd.c @@ -1,4 +1,4 @@ -/* $OpenBSD: isakmpd.c,v 1.68 2004/09/17 14:54:09 hshoexer Exp $ */ +/* $OpenBSD: isakmpd.c,v 1.69 2005/02/16 22:00:14 hshoexer Exp $ */ /* $EOM: isakmpd.c,v 1.54 2000/10/05 09:28:22 niklas Exp $ */ /* @@ -298,6 +298,12 @@ phase2_sa_check(struct sa *sa, void *arg) return sa->phase == 2; } +static int +phase1_sa_check(struct sa *sa, void *arg) +{ + return sa->phase == 1; +} + static void daemon_shutdown(void) { @@ -307,11 +313,15 @@ daemon_shutdown(void) if (sigtermed == 1) { log_print("isakmpd: shutting down..."); - /* Delete all active phase 2 SAs. */ - while ((sa = sa_find(phase2_sa_check, NULL))) { - /* Each DELETE is another (outgoing) message. */ + /* + * Delete all active SAs. First IPsec SAs, then ISAKMPD. + * Each DELETE is another (outgoing) message. + */ + while ((sa = sa_find(phase2_sa_check, NULL))) + sa_delete(sa, 1); + + while ((sa = sa_find(phase1_sa_check, NULL))) sa_delete(sa, 1); - } sigtermed++; } if (transport_prio_sendqs_empty()) { diff --git a/sbin/isakmpd/sa.c b/sbin/isakmpd/sa.c index c5b4a5178de..836200c64d6 100644 --- a/sbin/isakmpd/sa.c +++ b/sbin/isakmpd/sa.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sa.c,v 1.87 2005/01/30 12:36:13 hshoexer Exp $ */ +/* $OpenBSD: sa.c,v 1.88 2005/02/16 22:00:14 hshoexer Exp $ */ /* $EOM: sa.c,v 1.112 2000/12/12 00:22:52 niklas Exp $ */ /* @@ -1043,8 +1043,7 @@ cleanup: void sa_delete(struct sa *sa, int notify) { - /* Don't bother notifying of Phase 1 SA deletes. */ - if (sa->phase != 1 && notify) + if (notify) message_send_delete(sa); sa_free(sa); } |