[src/trunk]: src/crypto/dist/ipsec-tools/src/racoon directly delete a ph1 in ...

To: source-changes-hg%NetBSD.org@localhost
Subject: [src/trunk]: src/crypto/dist/ipsec-tools/src/racoon directly delete a ph1 in ...
From: vanhu <vanhu%NetBSD.org@localhost>
Date: Mon, 06 Apr 2020 20:09:23 +0000

details:   https://anonhg.NetBSD.org/src/rev/1260fbe87d0d
branches:  trunk
changeset: 763154:1260fbe87d0d
user:      vanhu <vanhu%NetBSD.org@localhost>
date:      Fri Mar 11 14:30:07 2011 +0000

description:
directly delete a ph1 in remove_ph1-) instead of scheduling it, to avoid (completely ?) a race condition when reloading configuration

diffstat:

 crypto/dist/ipsec-tools/src/racoon/handler.c |  9 +++++++--
 crypto/dist/ipsec-tools/src/racoon/isakmp.c  |  5 ++++-
 2 files changed, 11 insertions(+), 3 deletions(-)

diffs (49 lines):

diff -r 2c5d65608b54 -r 1260fbe87d0d crypto/dist/ipsec-tools/src/racoon/handler.c
--- a/crypto/dist/ipsec-tools/src/racoon/handler.c      Fri Mar 11 13:28:52 2011 +0000
+++ b/crypto/dist/ipsec-tools/src/racoon/handler.c      Fri Mar 11 14:30:07 2011 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: handler.c,v 1.35 2010/12/28 06:00:18 tteras Exp $      */
+/*     $NetBSD: handler.c,v 1.36 2011/03/11 14:30:07 vanhu Exp $       */
 
 /* Id: handler.c,v 1.28 2006/05/26 12:17:29 manubsd Exp */
 
@@ -1447,6 +1447,7 @@
                 * - delete SPIs in kernel
                 * - delete generated SPD
                 * - unbind / rem / del ph2
+                * - XXX shoudld also send a delete-sa !?
                 */
                purge_ipsec_spi(iph2->dst, iph2->approval->head->proto_id,
                                                spis, 2);
@@ -1474,7 +1475,11 @@
                isakmp_info_send_d1(iph1);
        }
        iph1->status = PHASE1ST_EXPIRED;
-       sched_schedule(&iph1->sce, 1, isakmp_ph1delete_stub);
+       /* directly call isakmp_ph1delete to avoid as possible a race
+        * condition where we'll try to access iph1->rmconf after it has
+        * freed
+        */
+       isakmp_ph1delete(iph1);
 }
 
 
diff -r 2c5d65608b54 -r 1260fbe87d0d crypto/dist/ipsec-tools/src/racoon/isakmp.c
--- a/crypto/dist/ipsec-tools/src/racoon/isakmp.c       Fri Mar 11 13:28:52 2011 +0000
+++ b/crypto/dist/ipsec-tools/src/racoon/isakmp.c       Fri Mar 11 14:30:07 2011 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: isakmp.c,v 1.68 2011/03/01 14:33:58 vanhu Exp $        */
+/*     $NetBSD: isakmp.c,v 1.69 2011/03/11 14:30:07 vanhu Exp $        */
 
 /* Id: isakmp.c,v 1.74 2006/05/07 21:32:59 manubsd Exp */
 
@@ -2048,6 +2048,9 @@
                next = LIST_NEXT(p, ph1bind);
                if (p->status >= PHASE2ST_ESTABLISHED)
                        unbindph12(p);
+               /* Should we also remove non established ph2
+                * handles, as we just invalidated ph1handle ?
+                */
        }
 
        if (LIST_FIRST(&iph1->ph2tree) != NULL) {

Prev by Date: [src/trunk]: src/sys/dev/i2c Set DBCOOL_DEBUG if global DEBUG is set
Next by Date: [src/trunk]: src Add support for SMSC EMC6D103S
Previous by Thread: [src/trunk]: src/sys/dev/i2c Set DBCOOL_DEBUG if global DEBUG is set
Next by Thread: [src/trunk]: src Add support for SMSC EMC6D103S
Indexes:

Home | Main Index | Thread Index | Old Index