diff options
| author | Hans-Joerg Hoexer <hshoexer@cvs.openbsd.org> | 2004-08-02 15:48:23 +0000 |
|---|---|---|
| committer | Hans-Joerg Hoexer <hshoexer@cvs.openbsd.org> | 2004-08-02 15:48:23 +0000 |
| commit | da5a2240e89d5fe2dc123aeba0cc0db4e87ffbaf (patch) | |
| tree | 32e082271053ee2b92dec3a429d283325881d571 /sbin | |
| parent | 6181fb31e7c693c1df53b9abe5c2a67bcf52acf7 (diff) | |
Do not expire unestablished phase 2 SAs on SIGHUP.
ok ho@
Diffstat (limited to 'sbin')
| -rw-r--r-- | sbin/isakmpd/sa.c | 10 |
1 files changed, 7 insertions, 3 deletions
diff --git a/sbin/isakmpd/sa.c b/sbin/isakmpd/sa.c index ec0af7d4bff..f0fa8d8f336 100644 --- a/sbin/isakmpd/sa.c +++ b/sbin/isakmpd/sa.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sa.c,v 1.83 2004/06/21 23:27:10 ho Exp $ */ +/* $OpenBSD: sa.c,v 1.84 2004/08/02 15:48:22 hshoexer Exp $ */ /* $EOM: sa.c,v 1.112 2000/12/12 00:22:52 niklas Exp $ */ /* @@ -1128,12 +1128,16 @@ sa_reinit(void) LOG_DBG((LOG_SA, 30, "sa_reinit: renegotiating active connections")); - /* Get phase 2 SAs. Soft expire those without active exchanges. */ + /* + * Get phase 2 SAs. Soft expire those without active exchanges. Do + * not touch a phase 2 SA where the soft expiration is not set, ie. + * the SA is not yet established. + * */ for (i = 0; i <= bucket_mask; i++) for (sa = LIST_FIRST(&sa_tab[i]); sa; sa = LIST_NEXT(sa, link)) if (sa->phase == 2) if (exchange_lookup_by_name(sa->name, - sa->phase) == 0) { + sa->phase) == 0 && sa->soft_death) { timer_remove_event(sa->soft_death); sa_soft_expire(sa); } |