Attachment #156875 for bug #200283

View | Details | Raw Unified | Return to bug 200283
Collapse All | Expand All




			if (sav->lft_s->addtime != 0 &&
			    now - sav->created > sav->lft_s->addtime) {
				key_sa_chgstate(sav, SADB_SASTATE_DYING);
				key_expire(sav, 0);
				 * Actually, only send expire message if
				 * SA has been used, as it was done before,
				 * but should we always send such message,
				 * and let IKE daemon decide if it should be
				 * renegotiated or not ?
				 * XXX expire message will actually NOT be
				 * sent if SA is only used after soft
				 * lifetime has been reached, see below
				 * (DYING state)
				 */
				if (sav->lft_c->usetime != 0)
					key_expire(sav, 0);
			}
			/* check SOFT lifetime by bytes */
			/*

Return to bug 200283

Lines 4247-4265 Link Here

(-)sys/netipsec/key.c (-13 / +1 lines)
4247	if (sav->lft_s->addtime != 0 &&	4247	if (sav->lft_s->addtime != 0 &&
4248	now - sav->created > sav->lft_s->addtime) {	4248	now - sav->created > sav->lft_s->addtime) {
4249	key_sa_chgstate(sav, SADB_SASTATE_DYING);	4249	key_sa_chgstate(sav, SADB_SASTATE_DYING);
4250	/*	4250	key_expire(sav, 0);
4251	* Actually, only send expire message if
4252	* SA has been used, as it was done before,
4253	* but should we always send such message,
4254	* and let IKE daemon decide if it should be
4255	* renegotiated or not ?
4256	* XXX expire message will actually NOT be
4257	* sent if SA is only used after soft
4258	* lifetime has been reached, see below
4259	* (DYING state)
4260	*/
4261	if (sav->lft_c->usetime != 0)
4262	key_expire(sav, 0);
4263	}	4251	}
4264	/* check SOFT lifetime by bytes */	4252	/* check SOFT lifetime by bytes */
4265	/*	4253	/*