Date: Mon, 28 Nov 2016 11:14:38 +0000 (UTC) From: "Andrey V. Elsukov" <ae@FreeBSD.org> To: src-committers@freebsd.org, svn-src-projects@freebsd.org Subject: svn commit: r309247 - projects/ipsec/sys/netipsec Message-ID: <201611281114.uASBEcvi030523@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: ae Date: Mon Nov 28 11:14:38 2016 New Revision: 309247 URL: https://svnweb.freebsd.org/changeset/base/309247 Log: Do not report success, when policy was not deleted in SADB_SPDDELETE2. Modified: projects/ipsec/sys/netipsec/key.c Modified: projects/ipsec/sys/netipsec/key.c ============================================================================== --- projects/ipsec/sys/netipsec/key.c Mon Nov 28 08:13:20 2016 (r309246) +++ projects/ipsec/sys/netipsec/key.c Mon Nov 28 11:14:38 2016 (r309247) @@ -2026,6 +2026,12 @@ key_spddelete2(struct socket *so, struct printf("%s: SP(%p)\n", __func__, sp)); KEYDBG(KEY_DATA, kdebug_secpolicy(sp)); key_unlink(sp); + if (sp->state != IPSEC_SPSTATE_DEAD) { + ipseclog((LOG_DEBUG, "%s: failed to delete SP with id %u.\n", + __func__, id)); + key_freesp(&sp); + return (key_senderror(so, m, EACCES)); + } key_freesp(&sp); {
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201611281114.uASBEcvi030523>