authorvanhu <vanhu@FreeBSD.org>2009-03-05 16:22:32 +0000
committervanhu <vanhu@FreeBSD.org>2009-03-05 16:22:32 +0000
commita5f4a557440b665d9f45332d692d6b071433d401 (patch)
tree1f697b09665319cf6d6a3457e8a2ebaf3cbe0d85
parentb361d86b12aff3f4070e243c13a0597d415825f1 (diff)
SAs are valid (but dying) once they have reached their soft lifetime,
even if they have never been used.

Approved by: gnn(mentor)
MFC after: 2 weeks
-rw-r--r--sys/netipsec/key.c21
1 files changed, 7 insertions, 14 deletions
diff --git a/sys/netipsec/key.c b/sys/netipsec/key.c
index cf2a474..74d31dd 100644
--- a/sys/netipsec/key.c
+++ b/sys/netipsec/key.c
@@ -4154,22 +4154,15 @@ key_flush_sad(time_t now)
/* check SOFT lifetime */
if (sav->lft_s->addtime != 0 &&
now - sav->created > sav->lft_s->addtime) {
- /*
- * check SA to be used whether or not.
- * when SA hasn't been used, delete it.
+ key_sa_chgstate(sav, SADB_SASTATE_DYING);
+ /* Actually, only send expire message if SA has been used, as it
+ * was done before, but should we always send such message, and let IKE
+ * daemon decide if it should be renegociated or not ?
+ * XXX expire message will actually NOT be sent if SA is only used
+ * after soft lifetime has been reached, see below (DYING state)
*/
- if (sav->lft_c->usetime == 0) {
- key_sa_chgstate(sav, SADB_SASTATE_DEAD);
- KEY_FREESAV(&sav);
- } else {
- key_sa_chgstate(sav, SADB_SASTATE_DYING);
- /*
- * XXX If we keep to send expire
- * message in the status of
- * DYING. Do remove below code.
- */
+ if (sav->lft_c->usetime != 0)
key_expire(sav);
- }
}
/* check SOFT lifetime by bytes */
/*
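Review bot: The `if (sav->lft_c->usetime != 0)` guard in front of `key_expire(sav);` means an SA that is first used only after its soft lifetime has passed never produces a soft expire message, as the added XXX comment itself admits, so the IKE daemon presumably gets no chance to rekey before the hard lifetime removes the SA. Either call `key_expire(sav);` unconditionally here and leave the renegotiation decision to the daemon, or have the DYING-state handling send the message on first use; whichever is chosen, the comment should record the decision instead of posing it as an open question. The new block comment also drops the `/*`-on-its-own-line layout of the comment it replaces and misspells "renegotiated". key_flush_sad's body begins and ends outside this hunk, so the DYING handling that "see below" refers to is not visible here and should be checked against this change.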