Hi! I can confirm the patch fixes the bug.
"ikectl reset sa" resets the SA, adn after few seconds the new SA established correctly Thx!! csszep Tobias Heider <[email protected]> ezt írta (időpont: 2020. okt. 21., Sze, 10:49): > On Wed, Oct 21, 2020 at 10:08:09AM +0200, csszep wrote: > > Hi! > > > > This is 6.8-current. > > > > After i issued ikectl reset sa, then ikectl show sa shows garbage and > > after few second iked crash. > > Hi, > > thanks for the report! > The reason seems to be that 'reset sa' fails to clean up the dstid list. > Could you please confirm that the diff below fixes the bug? > > Index: config.c > =================================================================== > RCS file: /mount/openbsd/cvs/src/sbin/iked/config.c,v > retrieving revision 1.70 > diff -u -p -r1.70 config.c > --- config.c 9 Oct 2020 08:59:15 -0000 1.70 > +++ config.c 21 Oct 2020 08:42:50 -0000 > @@ -528,6 +528,8 @@ config_getreset(struct iked *env, struct > if (mode == RESET_ALL || > ikev2_ike_sa_delete(env, sa) != 0) { > RB_REMOVE(iked_sas, &env->sc_sas, sa); > + if (sa->sa_dstid_entry_valid) > + sa_dstid_remove(env, sa); > config_free_sa(env, sa); > } > } >
