(when new sa is preferred than old sa)

even if we fail to send pfkey message, remove the old sa.

Obtained from:	KAME
MFC after:	1 week
This commit is contained in:
ume 2002-03-01 12:17:21 +00:00
parent ff42cf3e07
commit 308fbb2d3e

View File

@ -825,16 +825,14 @@ key_do_allocsa_policy(sah, state)
* permanent.
*/
if (d->lft_c->sadb_lifetime_addtime != 0) {
struct mbuf *m, *result;
key_sa_chgstate(d, SADB_SASTATE_DEAD);
key_freesav(d);
m = key_setsadbmsg(SADB_DELETE, 0,
sav->sah->saidx.proto, 0, 0, d->refcnt);
d->sah->saidx.proto, 0, 0, d->refcnt - 1);
if (!m)
return NULL;
goto msgfail;
result = m;
/* set sadb_address for saidx's. */
@ -843,7 +841,7 @@ key_do_allocsa_policy(sah, state)
d->sah->saidx.src.ss_len << 3,
IPSEC_ULPROTO_ANY);
if (!m)
return NULL;
goto msgfail;
m_cat(result, m);
/* set sadb_address for saidx's. */
@ -852,20 +850,20 @@ key_do_allocsa_policy(sah, state)
d->sah->saidx.src.ss_len << 3,
IPSEC_ULPROTO_ANY);
if (!m)
return NULL;
goto msgfail;
m_cat(result, m);
/* create SA extension */
m = key_setsadbsa(d);
if (!m)
return NULL;
goto msgfail;
m_cat(result, m);
if (result->m_len < sizeof(struct sadb_msg)) {
result = m_pullup(result,
sizeof(struct sadb_msg));
if (result == NULL)
return NULL;
goto msgfail;
}
result->m_pkthdr.len = 0;
@ -876,7 +874,9 @@ key_do_allocsa_policy(sah, state)
if (key_sendup_mbuf(NULL, result,
KEY_SENDUP_REGISTERED))
return NULL;
goto msgfail;
msgfail:
key_freesav(d);
}
}