[src/trunk]: src/crypto/dist/ipsec-tools/src/racoon From Roman Hoog Antink <r...

[tteras <tteras%NetBSD.org@localhost>]

details:   https://anonhg.NetBSD.org/src/rev/fe2f68b9b28b
branches:  trunk
changeset: 761249:fe2f68b9b28b
user:      tteras <tteras%NetBSD.org@localhost>
date:      Sat Jan 22 07:38:51 2011 +0000

description:
>From Roman Hoog Antink <rha%open.ch@localhost>: Fixes a null pointer dereference
that might occur after removing peers from the config and then reloading.

diffstat:

 crypto/dist/ipsec-tools/src/racoon/isakmp_inf.c |  11 ++++++++++-
 1 files changed, 10 insertions(+), 1 deletions(-)

diffs (25 lines):

diff -r 9800685ff520 -r fe2f68b9b28b crypto/dist/ipsec-tools/src/racoon/isakmp_inf.c
--- a/crypto/dist/ipsec-tools/src/racoon/isakmp_inf.c   Sat Jan 22 01:36:27 2011 +0000
+++ b/crypto/dist/ipsec-tools/src/racoon/isakmp_inf.c   Sat Jan 22 07:38:51 2011 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: isakmp_inf.c,v 1.44 2010/11/17 10:40:41 tteras Exp $   */
+/*     $NetBSD: isakmp_inf.c,v 1.45 2011/01/22 07:38:51 tteras Exp $   */
 
 /* Id: isakmp_inf.c,v 1.44 2006/05/06 20:45:52 manubsd Exp */
 
@@ -1502,6 +1502,15 @@
 
        plog(LLV_DEBUG, LOCATION, iph1->remote, "DPD monitoring....\n");
 
+       if (iph1->status == PHASE1ST_EXPIRED) {
+               /* This can happen after removing tunnels from the
+                * config file and then reloading.
+                * Such iph1 have rmconf=NULL, so return before the if
+                * block below.
+                */
+               return;
+       }
+
        if (iph1->dpd_fails >= iph1->rmconf->dpd_maxfails) {
 
                plog(LLV_INFO, LOCATION, iph1->remote,