author | Angelos D. Keromytis <angelos@cvs.openbsd.org> | 2001-06-05 01:29:06 +0000 |
---|---|---|
committer | Angelos D. Keromytis <angelos@cvs.openbsd.org> | 2001-06-05 01:29:06 +0000 |
commit | 266464a5a3d9089d96361d38913d5f12b6c2e687 (patch) | |
tree | 40898d9d0dea7b63ec041c843d47d576d1c14179 /sbin | |
parent | c62aa65842ff5c640f61bc27ce23723a45d45d3f (diff) |
Dynamically allocate conn, as this is given to the exchange; cleanup
conf space on failure to establish dynamic SA. ok niklas@
Diffstat (limited to 'sbin')
-rw-r--r-- | sbin/isakmpd/exchange.c | 16 | ||||
-rw-r--r-- | sbin/isakmpd/pf_key_v2.c | 21 |
2 files changed, 31 insertions, 6 deletions
diff --git a/sbin/isakmpd/exchange.c b/sbin/isakmpd/exchange.c
index 02b41a00d3c..63cd1e9d19f 100644
--- a/sbin/isakmpd/exchange.c
+++ b/sbin/isakmpd/exchange.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: exchange.c,v 1.47 2001/05/31 20:25:10 angelos Exp $ */
+/* $OpenBSD: exchange.c,v 1.48 2001/06/05 01:29:05 angelos Exp $ */
 /* $EOM: exchange.c,v 1.143 2000/12/04 00:02:25 angelos Exp $ */
 /*
@@ -1707,6 +1707,20 @@ exchange_establish (char *name,
 * done. This is the case with dynamic SAs and PFKEY.
 */
 exchange_establish (peer, exchange_establish_finalize, name);
+ exchange = exchange_lookup_by_name (peer, 1);
+ /*
+ * If the exchange was correctly initialized, add the original
+ * finalization routine; otherwise, call it directly.
+ */
+ if (exchange)
+ {
+ exchange_add_finalization (exchange, finalize, arg);
+ }
+ else
+ {
+ finalize (0, arg, 1); /* Indicate failure */
+ }
+ return;
 }
 else
 exchange_establish_p2 (isakmp_sa, 0, name, 0, finalize, arg);
diff --git a/sbin/isakmpd/pf_key_v2.c b/sbin/isakmpd/pf_key_v2.c
index 8244039baf6..02f15f4e4d6 100644
--- a/sbin/isakmpd/pf_key_v2.c
+++ b/sbin/isakmpd/pf_key_v2.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: pf_key_v2.c,v 1.57 2001/06/05 01:03:40 itojun Exp $ */
+/* $OpenBSD: pf_key_v2.c,v 1.58 2001/06/05 01:29:05 angelos Exp $ */
 /* $EOM: pf_key_v2.c,v 1.79 2000/12/12 00:33:19 niklas Exp $ */
 /*
@@ -2324,10 +2324,10 @@ pf_key_v2_stayalive (struct exchange *exchange, void *vconn, int fail)
 * Remove failed configuration entry -- call twice because it is
 * created with a Refcount of 2.
 */
- if (fail && exchange->name)
+ if (fail && (!exchange || exchange->name))
 {
- pf_key_v2_remove_conf (exchange->name);
- pf_key_v2_remove_conf (exchange->name);
+ pf_key_v2_remove_conf (conn);
+ pf_key_v2_remove_conf (conn);
 }
 }
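Review bot: In sbin/isakmpd/exchange.c, the new else branch of the `@@ -1707` hunk calls `finalize (0, arg, 1)` without checking that a finalizer was supplied. The visible lines do not show whether callers of exchange_establish may pass a null `finalize`; if they may, a failed phase 1 setup becomes a call through a null function pointer in the daemon, so the branch should be guarded: `else if (finalize) finalize (0, arg, 1); /* Indicate failure */`. The same question applies to `exchange_add_finalization (exchange, finalize, arg)` unless that helper tolerates a null routine. A short comment noting that the callback receives a null exchange on this path would help finalizer authors. The body of exchange_establish starts and ends outside the hunk.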
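Review bot: In sbin/isakmpd/pf_key_v2.c, nothing visible releases the heap-allocated `conn` once it has been handed off. The `@@ -3383` hunk clears the pointer with `conn = 0;` right after `pf_key_v2_connection_check (conn)`, so the new `free (conn)` in the `@@ -3396` hunk cannot run on the success path, and the visible part of pf_key_v2_stayalive (`@@ -2324`) only calls `pf_key_v2_remove_conf (conn)`. If neither the callee nor the finalizer frees the buffer, each handled ACQUIRE leaks it, which is slow memory growth in a long-running daemon driven by kernel key requests. I would state the ownership rule where the pointer is cleared, e.g. `/* conn now belongs to the exchange finalizer, which must free it */`, and, if the finalizer is the last user, end pf_key_v2_stayalive with `free (conn);`. Both function bodies extend beyond these hunks, so this needs checking against the full file.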
@@ -2451,7 +2451,7 @@ pf_key_v2_acquire (struct pf_key_v2_msg *pmsg)
 struct sadb_comb *scmb = 0;
 struct sadb_prop *sprp = 0;
 struct sadb_ident *srcident = 0, *dstident = 0;
- char dstbuf[ADDRESS_MAX], srcbuf[ADDRESS_MAX], *peer = 0, conn[22];
+ char dstbuf[ADDRESS_MAX], srcbuf[ADDRESS_MAX], *peer = 0, *conn = 0;
 char confname[120];
 char *srcid = 0, *dstid = 0, *prefstring = 0;
 int slen, af;
@@ -2470,6 +2470,14 @@ pf_key_v2_acquire (struct pf_key_v2_msg *pmsg)
 struct sadb_x_cred *cred = 0, *sauth = 0;
 #endif
+ /* This needs to be dynamically allocated */
+ conn = malloc (22);
+ if (!conn)
+ {
+ log_error ("pf_key_v2_acquire: malloc (22) failed");
+ return;
+ }
+
 msg = (struct sadb_msg *)TAILQ_FIRST (pmsg)->seg;
 ext = pf_key_v2_find_ext (pmsg, SADB_EXT_ADDRESS_DST);
@@ -3383,6 +3391,7 @@ pf_key_v2_acquire (struct pf_key_v2_msg *pmsg)
 /* Let's rock */
 pf_key_v2_connection_check (conn);
+ conn = 0;
 /* Fall-through to cleanup */
 fail:
@@ -3396,6 +3405,8 @@ pf_key_v2_acquire (struct pf_key_v2_msg *pmsg)
 free (dstid);
 if (peer)
 free (peer);
+ if (conn)
+ free (conn);
 return;
 #endif
 } |
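Review bot: Turning `conn[22]` into `char *conn` in the `@@ -2451` hunk changes any `sizeof conn` elsewhere in pf_key_v2_acquire from 22 to the size of a pointer. The literal 22 also appears twice in the `@@ -2470` hunk with nothing tying it to the code that later fills the buffer. Those writes are outside these hunks, so they should be checked and bounded by the same constant as the allocation. I would name the size once (suggested name), e.g. `#define CONN_NAME_MAX 22` with `conn = malloc (CONN_NAME_MAX);`, and reuse it in every bounded write. The early `return` on allocation failure looks safe only because the visible declarations initialise the other owned pointers to 0 at that point; a comment saying so would stop a later edit from introducing a leak there.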