FreeBSD Bugzilla – Attachment 156875 Details for
Bug 200283
[ipsec] [patch] Send soft expire also if IPsec SA has not been used
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Help
|
New Account
|
Log In
Remember
[x]
|
Forgot Password
Login:
[x]
[patch]
Always send a soft expire
02-freebsd-always-send-soft-expire.patch (text/plain), 868 bytes, created by
Tobias Brunner
on 2015-05-18 14:28:35 UTC
(
hide
)
Description:
Always send a soft expire
Filename:
MIME Type:
Creator:
Tobias Brunner
Created:
2015-05-18 14:28:35 UTC
Size:
868 bytes
patch
obsolete
>Index: sys/netipsec/key.c >=================================================================== >--- sys/netipsec/key.c (revision 282863) >+++ sys/netipsec/key.c (working copy) >@@ -4247,19 +4247,7 @@ > if (sav->lft_s->addtime != 0 && > now - sav->created > sav->lft_s->addtime) { > key_sa_chgstate(sav, SADB_SASTATE_DYING); >- /* >- * Actually, only send expire message if >- * SA has been used, as it was done before, >- * but should we always send such message, >- * and let IKE daemon decide if it should be >- * renegotiated or not ? >- * XXX expire message will actually NOT be >- * sent if SA is only used after soft >- * lifetime has been reached, see below >- * (DYING state) >- */ >- if (sav->lft_c->usetime != 0) >- key_expire(sav, 0); >+ key_expire(sav, 0); > } > /* check SOFT lifetime by bytes */ > /*
You cannot view the attachment while viewing its details because your browser does not support IFRAMEs.
View the attachment on a separate page
.
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 200283
: 156875