On Wed, Oct 21, 2020 at 10:08:09AM +0200, csszep wrote:
> Hi!
> 
> This is 6.8-current.
> 
> After I issued ikectl reset sa, ikectl show sa shows garbage and
> after a few seconds iked crashes.

Hi,

thanks for the report!
The reason seems to be that 'reset sa' fails to clean up the dstid list.
Could you please confirm that the diff below fixes the bug?

Index: config.c
===================================================================
RCS file: /mount/openbsd/cvs/src/sbin/iked/config.c,v
retrieving revision 1.70
diff -u -p -r1.70 config.c
--- config.c    9 Oct 2020 08:59:15 -0000       1.70
+++ config.c    21 Oct 2020 08:42:50 -0000
@@ -528,6 +528,8 @@ config_getreset(struct iked *env, struct
                        if (mode == RESET_ALL ||
                            ikev2_ike_sa_delete(env, sa) != 0) {
                                RB_REMOVE(iked_sas, &env->sc_sas, sa);
+                               if (sa->sa_dstid_entry_valid)
+                                       sa_dstid_remove(env, sa);
                                config_free_sa(env, sa);
                        }
                }
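
Review bot: the dstid cleanup in the two added lines is tied to this one call site rather than to config_free_sa() itself, so any other path that frees an SA while sa_dstid_entry_valid is still set would leave the same stale entry behind. Consider moving the `if (sa->sa_dstid_entry_valid) sa_dstid_remove(env, sa);` check into config_free_sa(), or add a short comment here saying why only the reset path needs it. It is also worth confirming that the case where mode is not RESET_ALL and ikev2_ike_sa_delete() returns 0, which skips this block entirely, removes the dstid entry on its own later path.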
