Add tdb_walk. tdb_delete() should clean up routes when deleting flows.

2 files changed, 65 insertions, 4 deletions

diff --git a/sys/netinet/ip_ipsp.c b/sys/netinet/ip_ipsp.c
index abb9db40f89..5e4eb4fea11 100644
--- a/sys/netinet/ip_ipsp.c
+++ b/sys/netinet/ip_ipsp.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: ip_ipsp.c,v 1.51 1999/07/17 00:41:52 niklas Exp $	*/
+/*	$OpenBSD: ip_ipsp.c,v 1.52 1999/08/05 21:58:15 ho Exp $	*/
 
 /*
  * The authors of this code are John Ioannidis (ji@tla.org),
@@ -517,6 +517,29 @@ tdb_hashstats()
 }
 #endif	/* DDB */
 
+/*
+ * Caller is responsible for setting at least spltdb().
+ */
+
+int
+tdb_walk(int (*walker)(struct tdb *, void *), void *arg)
+{
+    int i, rval = 0;
+    struct tdb *tdbp, *next;
+
+    if (tdbh == NULL)
+        return ENOENT;
+
+    for (i = 0; i <= tdb_hashmask; i++)
+	for (tdbp = tdbh[i]; rval == 0 && tdbp != NULL; tdbp = next)
+	{
+	    next = tdbp->tdb_hnext;
+	    rval = walker(tdbp, (void *)arg);
+	}
+
+    return rval;
+}
+
 struct flow *
 get_flow(void)
 {
@@ -979,7 +1002,44 @@ tdb_delete(struct tdb *tdbp, int delchain, int expflags)
       (*(tdbp->tdb_xform->xf_zeroize))(tdbp);
 
     while (tdbp->tdb_flow)
-	delete_flow(tdbp->tdb_flow, tdbp);
+    {
+        /* Delete the flow and the routing entry that goes with it. */ 
+        struct sockaddr_encap encapdst, encapnetmask;
+
+        bzero(&encapdst, sizeof(struct sockaddr_encap));
+        bzero(&encapnetmask, sizeof(struct sockaddr_encap));
+
+        encapdst.sen_len = SENT_IP4_LEN;
+        encapdst.sen_family = PF_KEY;
+        encapdst.sen_type = SENT_IP4;
+        encapdst.sen_ip_src = tdbp->tdb_flow->flow_src.sin.sin_addr;
+        encapdst.sen_ip_dst = tdbp->tdb_flow->flow_dst.sin.sin_addr;
+        encapdst.sen_proto = tdbp->tdb_flow->flow_proto;
+        encapdst.sen_sport = tdbp->tdb_flow->flow_src.sin.sin_port;
+        encapdst.sen_dport = tdbp->tdb_flow->flow_dst.sin.sin_port;
+
+        encapnetmask.sen_len = SENT_IP4_LEN;
+        encapnetmask.sen_family = PF_KEY;
+        encapnetmask.sen_type = SENT_IP4;
+        encapnetmask.sen_ip_src = tdbp->tdb_flow->flow_srcmask.sin.sin_addr;
+        encapnetmask.sen_ip_dst = tdbp->tdb_flow->flow_dstmask.sin.sin_addr;
+
+        if (tdbp->tdb_flow->flow_proto)
+        {
+            encapnetmask.sen_proto = 0xff;
+            if (tdbp->tdb_flow->flow_src.sin.sin_port)
+              encapnetmask.sen_sport = 0xffff;
+            if (tdbp->tdb_flow->flow_dst.sin.sin_port)
+              encapnetmask.sen_dport = 0xffff;
+        }
+
+        rtrequest(RTM_DELETE, (struct sockaddr *) &encapdst,
+                  (struct sockaddr *) 0,
+                  (struct sockaddr *) &encapnetmask,
+                  0, (struct rtentry **) 0);
+
+        delete_flow(tdbp->tdb_flow, tdbp);
+    }
 
     /* Cleanup SA-Bindings */
     for (tdbpp = TAILQ_FIRST(&tdbp->tdb_bind_in); tdbpp;
diff --git a/sys/netinet/ip_ipsp.h b/sys/netinet/ip_ipsp.h
index 54164a7fd89..6b6146d55b0 100644
--- a/sys/netinet/ip_ipsp.h
+++ b/sys/netinet/ip_ipsp.h
@@ -1,4 +1,4 @@
-/*	$OpenBSD: ip_ipsp.h,v 1.39 1999/07/15 14:15:41 niklas Exp $	*/
+/*	$OpenBSD: ip_ipsp.h,v 1.40 1999/08/05 21:58:15 ho Exp $	*/
 
 /*
  * The authors of this code are John Ioannidis (ji@tla.org),
@@ -440,11 +440,12 @@ extern u_int32_t reserve_spi(u_int32_t, u_int32_t, union sockaddr_union *,
 extern struct tdb *gettdb(u_int32_t, union sockaddr_union *, u_int8_t);
 extern void puttdb(struct tdb *);
 extern void tdb_delete(struct tdb *, int, int);
-extern int tdb_init (struct tdb *, u_int16_t, struct ipsecinit *);
+extern int tdb_init(struct tdb *, u_int16_t, struct ipsecinit *);
 extern void tdb_expiration(struct tdb *, int);
 /* Flag values for the last argument of tdb_expiration().  */
 #define TDBEXP_EARLY	1	/* The tdb is likely to end up early.  */
 #define TDBEXP_TIMEOUT	2	/* Maintain expiration timeout.  */
+extern int tdb_walk(int (*)(struct tdb *, void *), void *);
 extern void handle_expirations(void *);
 
 /* Flow management routines */