must convert protocol to sa type when preparing a DELETE message

Submitted by: Roselyn Lee <rosel@verniernetworks.com> MFC after: 1 week
2004-02-05 23:19:17 +00:00 · 2004-02-05 23:19:17 +00:00 · 9b705967d2
commit 9b705967d2
parent 175f0360d3
1 changed files with 7 additions and 1 deletions
--- a/sys/netipsec/key.c
+++ b/sys/netipsec/key.c
@ -917,12 +917,18 @@ key_do_allocsa_policy(struct secashead *sah, u_int state)
 		 */
 		if (d->lft_c->sadb_lifetime_addtime != 0) {
 			struct mbuf *m, *result;
+			u_int8_t satype;

 			key_sa_chgstate(d, SADB_SASTATE_DEAD);

 			IPSEC_ASSERT(d->refcnt > 0, ("bogus ref count"));
+
+			satype = key_proto2satype(d->sah->saidx.proto);
+			if (satype == 0)
+				goto msgfail;
+
 			m = key_setsadbmsg(SADB_DELETE, 0,
-			    d->sah->saidx.proto, 0, 0, d->refcnt - 1);
+			    satype, 0, 0, d->refcnt - 1);
 			if (!m)
 				goto msgfail;
 			result = m;