CVSROOT: /cvs
Module name: src
Changes by: [email protected] 2014/05/06 03:48:40
Modified files:
sbin/iked : config.c ikev2.c policy.c
Log message:
cleanup IKE-SA tree handling (fixes repeated-insert & double-remove)
sa_new() always re-inserts an SA into the SA tree. in case of a key
collision it would try to free the new SA. While doing that it would
accidentially free the existing SA, since config_free_sa() does
RB_REMOVE() uncoditionally. This change fixes this by:
a) moving the responsibility for RB_REMOVE() to CALLER of config_free_sa() and
b) by calling config_free_sa() instead of sa_free() from sa_new()
It also changes to code to NEVER re-add an SA to the tree. So
RB_INSERT() is ONLY called once per SA. The code also makes sure
that there is always a KEY defined for this tree (ispi).
ok mikeb@
