Sat Jan 22 07:38:52 2011 UTC ()
From Roman Hoog Antink <rha@open.ch>: Fixes a null pointer dereference
that might occur after removing peers from the config and then reloading.


(tteras)
diff -r1.44 -r1.45 src/crypto/dist/ipsec-tools/src/racoon/isakmp_inf.c


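--- a/src/crypto/dist/ipsec-tools/src/racoon/isakmp_inf.c
+++ b/src/crypto/dist/ipsec-tools/src/racoon/isakmp_inf.c
@@ -1,14 +1,14 @@
-/* $NetBSD: isakmp_inf.c,v 1.44 2010/11/17 10:40:41 tteras Exp $ */
+/* $NetBSD: isakmp_inf.c,v 1.45 2011/01/22 07:38:51 tteras Exp $ */
 
 /* Id: isakmp_inf.c,v 1.44 2006/05/06 20:45:52 manubsd Exp */
 
 /*
  * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
  * All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
  * are met:
  * 1. Redistributions of source code must retain the above copyright
  * notice, this list of conditions and the following disclaimer.
  * 2. Redistributions in binary form must reproduce the above copyright
@@ -1492,26 +1492,35 @@ static void
 isakmp_info_send_r_u(sc)
  struct sched *sc;
 {
  struct ph1handle *iph1 = container_of(sc, struct ph1handle, dpd_r_u);
 
  /* create R-U-THERE payload */
  struct isakmp_pl_ru *ru;
  vchar_t *payload = NULL;
  int tlen;
  int error = 0;
 
  plog(LLV_DEBUG, LOCATION, iph1->remote, "DPD monitoring....\n");
 
+ if (iph1->status == PHASE1ST_EXPIRED) {
+ /* This can happen after removing tunnels from the
+ * config file and then reloading.
+ * Such iph1 have rmconf=NULL, so return before the if
+ * block below.
+ */
+ return;
+ }
+
  if (iph1->dpd_fails >= iph1->rmconf->dpd_maxfails) {
 
  plog(LLV_INFO, LOCATION, iph1->remote,
  "DPD: remote (ISAKMP-SA spi=%s) seems to be dead.\n",
  isakmp_pindex(&iph1->index, 0));
 
  script_hook(iph1, SCRIPT_PHASE1_DEAD);
  evt_phase1(iph1, EVT_PHASE1_DPD_TIMEOUT, NULL);
  purge_remote(iph1);
 
  /* Do not reschedule here: phase1 is deleted,
  * DPD will be reactivated when a new ph1 will be negociated
  */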
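Review bot: The new early return in isakmp_info_send_r_u tests `iph1->status == PHASE1ST_EXPIRED` as a stand-in for a NULL `rmconf`, but the dereference it protects is `iph1->rmconf->dpd_maxfails` in the very next statement, so a handle that loses its rmconf without being in the EXPIRED state would still crash racoon from the DPD timer. Whether such a path exists cannot be seen from this hunk, so testing the pointer itself is the safer guard: `if (iph1->status == PHASE1ST_EXPIRED || iph1->rmconf == NULL) return;`. A debug-level plog before the return would also record why DPD monitoring stopped for that peer. The function body continues past the end of the hunk.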