svn commit: r283102 - head/sys/netipsec
Andrey V. Elsukov
ae at FreeBSD.org
Tue May 19 08:37:04 UTC 2015
Author: ae
Date: Tue May 19 08:37:03 2015
New Revision: 283102
URL: https://svnweb.freebsd.org/changeset/base/283102
Log:
Change SA's state before sending SADB_EXPIRE message. This state will
be reported to keying daemon.
MFC after: 2 weeks
Modified:
head/sys/netipsec/key.c
Modified: head/sys/netipsec/key.c
==============================================================================
--- head/sys/netipsec/key.c Tue May 19 08:30:04 2015 (r283101)
+++ head/sys/netipsec/key.c Tue May 19 08:37:03 2015 (r283102)
@@ -4283,8 +4283,8 @@ key_flush_sad(time_t now)
if (sav->lft_h->addtime != 0 &&
now - sav->created > sav->lft_h->addtime) {
- key_expire(sav, 1);
key_sa_chgstate(sav, SADB_SASTATE_DEAD);
+ key_expire(sav, 1);
KEY_FREESAV(&sav);
}
#if 0 /* XXX Should we keep to send expire message until HARD lifetime ? */
@@ -4306,8 +4306,8 @@ key_flush_sad(time_t now)
/* check HARD lifetime by bytes */
else if (sav->lft_h->bytes != 0 &&
sav->lft_h->bytes < sav->lft_c->bytes) {
- key_expire(sav, 1);
key_sa_chgstate(sav, SADB_SASTATE_DEAD);
+ key_expire(sav, 1);
KEY_FREESAV(&sav);
}
}
More information about the svn-src-all
mailing list