diff options
author | ume <ume@FreeBSD.org> | 2002-03-01 12:17:21 +0000 |
---|---|---|
committer | ume <ume@FreeBSD.org> | 2002-03-01 12:17:21 +0000 |
commit | 308fbb2d3ec4d81da5bc54242a45c6bad34fa72c (patch) | |
tree | a53dfc7dc2affc20fc63e2d24023811c92cf3a82 /sys | |
parent | ff42cf3e07ea977d1757a36f2930a66c3787a0f7 (diff) | |
download | FreeBSD-src-308fbb2d3ec4d81da5bc54242a45c6bad34fa72c.zip FreeBSD-src-308fbb2d3ec4d81da5bc54242a45c6bad34fa72c.tar.gz |
(when new sa is preferred than old sa)
even if we fail to send pfkey message, remove the old sa.
Obtained from: KAME
MFC after: 1 week
Diffstat (limited to 'sys')
-rw-r--r-- | sys/netkey/key.c | 18 |
1 files changed, 9 insertions, 9 deletions
diff --git a/sys/netkey/key.c b/sys/netkey/key.c index b9e51bd..2306575 100644 --- a/sys/netkey/key.c +++ b/sys/netkey/key.c @@ -825,16 +825,14 @@ key_do_allocsa_policy(sah, state) * permanent. */ if (d->lft_c->sadb_lifetime_addtime != 0) { - struct mbuf *m, *result; key_sa_chgstate(d, SADB_SASTATE_DEAD); - key_freesav(d); m = key_setsadbmsg(SADB_DELETE, 0, - sav->sah->saidx.proto, 0, 0, d->refcnt); + d->sah->saidx.proto, 0, 0, d->refcnt - 1); if (!m) - return NULL; + goto msgfail; result = m; /* set sadb_address for saidx's. */ @@ -843,7 +841,7 @@ key_do_allocsa_policy(sah, state) d->sah->saidx.src.ss_len << 3, IPSEC_ULPROTO_ANY); if (!m) - return NULL; + goto msgfail; m_cat(result, m); /* set sadb_address for saidx's. */ @@ -852,20 +850,20 @@ key_do_allocsa_policy(sah, state) d->sah->saidx.src.ss_len << 3, IPSEC_ULPROTO_ANY); if (!m) - return NULL; + goto msgfail; m_cat(result, m); /* create SA extension */ m = key_setsadbsa(d); if (!m) - return NULL; + goto msgfail; m_cat(result, m); if (result->m_len < sizeof(struct sadb_msg)) { result = m_pullup(result, sizeof(struct sadb_msg)); if (result == NULL) - return NULL; + goto msgfail; } result->m_pkthdr.len = 0; @@ -876,7 +874,9 @@ key_do_allocsa_policy(sah, state) if (key_sendup_mbuf(NULL, result, KEY_SENDUP_REGISTERED)) - return NULL; + goto msgfail; + msgfail: + key_freesav(d); } } |