diff options
Diffstat (limited to 'main/ipsec-tools/99-purge-on-delete-fix.patch')
| -rw-r--r-- | main/ipsec-tools/99-purge-on-delete-fix.patch | 110 |
1 files changed, 0 insertions, 110 deletions
diff --git a/main/ipsec-tools/99-purge-on-delete-fix.patch b/main/ipsec-tools/99-purge-on-delete-fix.patch deleted file mode 100644 index edcc28ac8e..0000000000 --- a/main/ipsec-tools/99-purge-on-delete-fix.patch +++ /dev/null @@ -1,110 +0,0 @@ -Index: src/racoon/handler.c -=================================================================== -RCS file: /cvsroot/src/crypto/dist/ipsec-tools/src/racoon/handler.c,v -retrieving revision 1.33 -diff -u -r1.33 handler.c ---- a/src/racoon/handler.c 21 Oct 2010 06:04:33 -0000 1.33 -+++ b/src/racoon/handler.c 15 Nov 2010 07:26:44 -0000 -@@ -514,6 +514,22 @@ - LIST_INIT(&ph1tree); - } - -+int -+ph1_rekey_enabled(iph1) -+ struct ph1handle *iph1; -+{ -+ if (iph1->rmconf == NULL) -+ return 0; -+ if (iph1->rmconf->rekey == REKEY_FORCE) -+ return 1; -+#ifdef ENABLE_DPD -+ if (iph1->rmconf->rekey == REKEY_ON && iph1->dpd_support && -+ iph1->rmconf->dpd_interval) -+ return 1; -+#endif -+ return 0; -+} -+ - /* %%% management phase 2 handler */ - - int -Index: src/racoon/handler.h -=================================================================== -RCS file: /cvsroot/src/crypto/dist/ipsec-tools/src/racoon/handler.h,v -retrieving revision 1.24 -diff -u -r1.24 handler.h ---- a/src/racoon/handler.h 12 Nov 2010 09:09:47 -0000 1.24 -+++ b/src/racoon/handler.h 15 Nov 2010 07:26:44 -0000 -@@ -493,6 +493,7 @@ - extern int resolveph1rmconf __P((struct ph1handle *)); - extern void flushph1 __P((void)); - extern void initph1tree __P((void)); -+extern int ph1_rekey_enabled __P((struct ph1handle *)); - - extern int enumph2 __P((struct ph2selector *ph2sel, - int (* enum_func)(struct ph2handle *iph2, void *arg), -Index: src/racoon/isakmp.c -=================================================================== -RCS file: /cvsroot/src/crypto/dist/ipsec-tools/src/racoon/isakmp.c,v -retrieving revision 1.65 -diff -u -r1.65 isakmp.c ---- a/src/racoon/isakmp.c 12 Nov 2010 10:36:37 -0000 1.65 -+++ b/src/racoon/isakmp.c 15 Nov 2010 07:26:45 -0000 -@@ -766,20 +766,6 @@ - return 0; - } - --static int --ph1_rekey_enabled(iph1) -- struct ph1handle *iph1; --{ -- if (iph1->rmconf->rekey == REKEY_FORCE) -- return 1; --#ifdef ENABLE_DPD -- if (iph1->rmconf->rekey == REKEY_ON && iph1->dpd_support && -- iph1->rmconf->dpd_interval) -- return 1; --#endif -- return 0; --} -- - /* - * main function of phase 1. - */ -@@ -2081,11 +2067,9 @@ - src, dst, isakmp_pindex(&iph1->index, 0)); - - evt_phase1(iph1, EVT_PHASE1_DOWN, NULL); -- -- if (new_iph1 == NULL && ph1_rekey_enabled(iph1)) { -- purge_remote(iph1); -+ if (new_iph1 == NULL && ph1_rekey_enabled(iph1)) - script_hook(iph1, SCRIPT_PHASE1_DEAD); -- } -+ - racoon_free(src); - racoon_free(dst); - -Index: src/racoon/isakmp_inf.c -=================================================================== -RCS file: /cvsroot/src/crypto/dist/ipsec-tools/src/racoon/isakmp_inf.c,v -retrieving revision 1.43 -diff -u -r1.43 isakmp_inf.c ---- a/src/racoon/isakmp_inf.c 12 Nov 2010 09:09:47 -0000 1.43 -+++ b/src/racoon/isakmp_inf.c 15 Nov 2010 07:26:45 -0000 -@@ -516,10 +516,12 @@ - sched_cancel(&del_ph1->scr); - - /* -- * Do not delete IPsec SAs when receiving an IKE delete notification. -- * Just delete the IKE SA. -+ * Delete also IPsec-SAs if rekeying is enabled. - */ -- isakmp_ph1expire(del_ph1); -+ if (ph1_rekey_enabled(del_ph1)) -+ purge_remote(del_ph1); -+ else -+ isakmp_ph1expire(del_ph1); - } - break; - |