Sat Jan 22 07:44:39 2011 UTC ()
From Roman Hoog Antink <rha@open.ch>: Fixes a null pointer dereference
that might occur after removing peers from the config and then reloading.


(tteras)
diff -r1.14.4.17 -r1.14.4.18 src/crypto/dist/ipsec-tools/src/racoon/isakmp_inf.c


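--- a/src/crypto/dist/ipsec-tools/src/racoon/isakmp_inf.c
+++ b/src/crypto/dist/ipsec-tools/src/racoon/isakmp_inf.c
@@ -1,14 +1,14 @@
-/* $NetBSD: isakmp_inf.c,v 1.14.4.17 2009/05/18 17:07:46 tteras Exp $ */
+/* $NetBSD: isakmp_inf.c,v 1.14.4.18 2011/01/22 07:44:39 tteras Exp $ */
 
 /* Id: isakmp_inf.c,v 1.44 2006/05/06 20:45:52 manubsd Exp */
 
 /*
  * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
  * All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
  * are met:
  * 1. Redistributions of source code must retain the above copyright
  * notice, this list of conditions and the following disclaimer.
  * 2. Redistributions in binary form must reproduce the above copyright
@@ -1614,26 +1614,35 @@ isakmp_info_send_r_u(arg)
 {
  struct ph1handle *iph1 = arg;
 
  /* create R-U-THERE payload */
  struct isakmp_pl_ru *ru;
  vchar_t *payload = NULL;
  int tlen;
  int error = 0;
 
  plog(LLV_DEBUG, LOCATION, iph1->remote, "DPD monitoring....\n");
 
  iph1->dpd_r_u=NULL;
 
+ if (iph1->status == PHASE1ST_EXPIRED) {
+ /* This can happen after removing tunnels from the
+ * config file and then reloading.
+ * Such iph1 have rmconf=NULL, so return before the if
+ * block below.
+ */
+ return;
+ }
+
  if (iph1->dpd_fails >= iph1->rmconf->dpd_maxfails) {
 
  plog(LLV_INFO, LOCATION, iph1->remote,
  "DPD: remote (ISAKMP-SA spi=%s) seems to be dead.\n",
  isakmp_pindex(&iph1->index, 0));
 
  EVT_PUSH(iph1->local, iph1->remote, EVTT_DPD_TIMEOUT, NULL);
  purge_remote(iph1);
 
  /* Do not reschedule here: phase1 is deleted,
  * DPD will be reactivated when a new ph1 will be negociated
  */
  return;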
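Review bot: The guard added at new lines 1627-1634 tests `iph1->status == PHASE1ST_EXPIRED` rather than the pointer that is actually dereferenced, so `iph1->rmconf->dpd_maxfails` at new line 1636 is still reached unchecked by any handle whose rmconf is NULL in some other state. The in-code comment says expired handles have rmconf=NULL after a reload; whether that is the only such state cannot be seen from this hunk, so I would test the pointer as well: `if (iph1->status == PHASE1ST_EXPIRED || iph1->rmconf == NULL) {`. A NULL dereference here ends the racoon process, which presumably interrupts key management for all configured peers rather than only the removed one, so the cheaper direct check is worth having. isakmp_info_send_r_u continues past the end of the hunk, and any later use of `iph1->rmconf` there should be covered by the same condition.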