authorAngelos D. Keromytis <angelos@cvs.openbsd.org>2001-06-05 01:29:06 +0000
committerAngelos D. Keromytis <angelos@cvs.openbsd.org>2001-06-05 01:29:06 +0000
commit266464a5a3d9089d96361d38913d5f12b6c2e687 (patch)
tree40898d9d0dea7b63ec041c843d47d576d1c14179 /sbin
parentc62aa65842ff5c640f61bc27ce23723a45d45d3f (diff)
Dynamically allocate conn, as this is given to the exchange; cleanup
conf space on failure to establish dynamic SA. ok niklas@
Diffstat (limited to 'sbin')
-rw-r--r--sbin/isakmpd/exchange.c16
-rw-r--r--sbin/isakmpd/pf_key_v2.c21
2 files changed, 31 insertions, 6 deletions
diff --git a/sbin/isakmpd/exchange.c b/sbin/isakmpd/exchange.c
index 02b41a00d3c..63cd1e9d19f 100644
--- a/sbin/isakmpd/exchange.c
+++ b/sbin/isakmpd/exchange.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: exchange.c,v 1.47 2001/05/31 20:25:10 angelos Exp $ */
+/* $OpenBSD: exchange.c,v 1.48 2001/06/05 01:29:05 angelos Exp $ */
/* $EOM: exchange.c,v 1.143 2000/12/04 00:02:25 angelos Exp $ */
/*
@@ -1707,6 +1707,20 @@ exchange_establish (char *name,
* done. This is the case with dynamic SAs and PFKEY.
*/
exchange_establish (peer, exchange_establish_finalize, name);
+ exchange = exchange_lookup_by_name (peer, 1);
+ /*
+ * If the exchange was correctly initialized, add the original
+ * finalization routine; otherwise, call it directly.
+ */
+ if (exchange)
+ {
+ exchange_add_finalization (exchange, finalize, arg);
+ }
+ else
+ {
+ finalize (0, arg, 1); /* Indicate failure */
+ }
+ return;
}
else
exchange_establish_p2 (isakmp_sa, 0, name, 0, finalize, arg);
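Review bot: The new `else` branch calls `finalize (0, arg, 1)` without checking that `finalize` is non-null. The callers of exchange_establish are outside this hunk; if any of them passes a null callback, a failed phase 1 setup turns into a call through a null function pointer. Guarding the call, `if (finalize) finalize (0, arg, 1);`, keeps the failure path safe. It is also worth confirming that exchange_add_finalization tolerates a null `finalize` on the success path.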
diff --git a/sbin/isakmpd/pf_key_v2.c b/sbin/isakmpd/pf_key_v2.c
index 8244039baf6..02f15f4e4d6 100644
--- a/sbin/isakmpd/pf_key_v2.c
+++ b/sbin/isakmpd/pf_key_v2.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: pf_key_v2.c,v 1.57 2001/06/05 01:03:40 itojun Exp $ */
+/* $OpenBSD: pf_key_v2.c,v 1.58 2001/06/05 01:29:05 angelos Exp $ */
/* $EOM: pf_key_v2.c,v 1.79 2000/12/12 00:33:19 niklas Exp $ */
/*
@@ -2324,10 +2324,10 @@ pf_key_v2_stayalive (struct exchange *exchange, void *vconn, int fail)
* Remove failed configuration entry -- call twice because it is
* created with a Refcount of 2.
*/
- if (fail && exchange->name)
+ if (fail && (!exchange || exchange->name))
{
- pf_key_v2_remove_conf (exchange->name);
- pf_key_v2_remove_conf (exchange->name);
+ pf_key_v2_remove_conf (conn);
+ pf_key_v2_remove_conf (conn);
}
}
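Review bot: The new `!exchange` arm of the condition is not explained by the comment above it, which still only covers the double call. A null exchange appears to be what the `finalize (0, arg, 1)` call added in exchange.c passes when the phase 1 exchange could not be set up, so the comment could add `A null exchange means the exchange was never created; the conf entry must still be removed.` The start of pf_key_v2_stayalive is outside the hunk, so check that nothing before this test dereferences `exchange`, since it can now be null.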
@@ -2451,7 +2451,7 @@ pf_key_v2_acquire (struct pf_key_v2_msg *pmsg)
struct sadb_comb *scmb = 0;
struct sadb_prop *sprp = 0;
struct sadb_ident *srcident = 0, *dstident = 0;
- char dstbuf[ADDRESS_MAX], srcbuf[ADDRESS_MAX], *peer = 0, conn[22];
+ char dstbuf[ADDRESS_MAX], srcbuf[ADDRESS_MAX], *peer = 0, *conn = 0;
char confname[120];
char *srcid = 0, *dstid = 0, *prefstring = 0;
int slen, af;
@@ -2470,6 +2470,14 @@ pf_key_v2_acquire (struct pf_key_v2_msg *pmsg)
struct sadb_x_cred *cred = 0, *sauth = 0;
#endif
+ /* This needs to be dynamically allocated */
+ conn = malloc (22);
+ if (!conn)
+ {
+ log_error ("pf_key_v2_acquire: malloc (22) failed");
+ return;
+ }
+
msg = (struct sadb_msg *)TAILQ_FIRST (pmsg)->seg;
ext = pf_key_v2_find_ext (pmsg, SADB_EXT_ADDRESS_DST);
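Review bot: The size 22 is a bare literal, written once in `malloc (22)` and again inside the log string. Now that `conn` has changed from `char conn[22]` to a pointer, any `sizeof conn` in the rest of pf_key_v2_acquire (not visible here) would silently become the pointer size. A named size, for example `enum { CONN_NAME_LEN = 22 };` (name constructed for this note) with `conn = malloc (CONN_NAME_LEN);`, lets the allocation and every bounded write into `conn` share one value. The code that formats the connection name is outside the hunk and should be checked to confirm that it bounds its write to this buffer.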
@@ -3383,6 +3391,7 @@ pf_key_v2_acquire (struct pf_key_v2_msg *pmsg)
/* Let's rock */
pf_key_v2_connection_check (conn);
+ conn = 0;
/* Fall-through to cleanup */
fail:
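Review bot: Setting `conn = 0` right after `pf_key_v2_connection_check (conn)` hands the heap buffer to the callee without saying so, and no visible line frees it afterwards. A comment such as `/* conn is now owned by the exchange; it must not be freed below */` would document the transfer. pf_key_v2_connection_check is not shown; if it can return without starting an exchange, the buffer is leaked on that path. The pf_key_v2_stayalive hunk does not free it either after removing the conf entries, so the final owner of `conn` should be identified and made to release it.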
@@ -3396,6 +3405,8 @@ pf_key_v2_acquire (struct pf_key_v2_msg *pmsg)
free (dstid);
if (peer)
free (peer);
+ if (conn)
+ free (conn);
return;
#endif
}