Module Name: src
Committed By: tteras
Date: Sat Jan 22 07:44:39 UTC 2011
Modified Files:
src/crypto/dist/ipsec-tools/src/racoon [ipsec-tools-0_7-branch]:
isakmp_inf.c
Log Message:
>From Roman Hoog Antink <[email protected]>: Fixes a null pointer dereference
that might occur after removing peers from the config and then reloading.
To generate a diff of this commit:
cvs rdiff -u -r1.14.4.17 -r1.14.4.18 \
src/crypto/dist/ipsec-tools/src/racoon/isakmp_inf.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/crypto/dist/ipsec-tools/src/racoon/isakmp_inf.c
diff -u src/crypto/dist/ipsec-tools/src/racoon/isakmp_inf.c:1.14.4.17 src/crypto/dist/ipsec-tools/src/racoon/isakmp_inf.c:1.14.4.18
--- src/crypto/dist/ipsec-tools/src/racoon/isakmp_inf.c:1.14.4.17 Mon May 18 17:07:46 2009
+++ src/crypto/dist/ipsec-tools/src/racoon/isakmp_inf.c Sat Jan 22 07:44:39 2011
@@ -1,4 +1,4 @@
-/* $NetBSD: isakmp_inf.c,v 1.14.4.17 2009/05/18 17:07:46 tteras Exp $ */
+/* $NetBSD: isakmp_inf.c,v 1.14.4.18 2011/01/22 07:44:39 tteras Exp $ */
/* Id: isakmp_inf.c,v 1.44 2006/05/06 20:45:52 manubsd Exp */
@@ -1624,6 +1624,15 @@
iph1->dpd_r_u=NULL;
+ if (iph1->status == PHASE1ST_EXPIRED) {
+ /* This can happen after removing tunnels from the
+ * config file and then reloading.
+ * Such iph1 have rmconf=NULL, so return before the if
+ * block below.
+ */
+ return;
+ }
+
if (iph1->dpd_fails >= iph1->rmconf->dpd_maxfails) {
plog(LLV_INFO, LOCATION, iph1->remote,
