From: Emmanuel D. <ma...@ne...> - 2005-05-06 16:33:16
|
Another problem with generated policies deletion: In isakmp_info_recv_d(), generated policies don't seem to be deleted anymore. purge_isakmp_spi() takes care of removing the ISAKMP SA, and then nothing removes the IPsec SA (and therefore the generated policies). Adding this after purge_isakmp_spi() fixes the problem: while ((iph2 = getph2bysaddr(iph1->local, iph1->remote)) != NULL) { delete_spd(iph2); unbindph12(iph2); remph2(iph2); delph2(iph2); plog(LLV_INFO, LOCATION, NULL, saddr2str_fromto("purged IPsec-SA %s-%s\n", iph1->local, iph1->remote)); } Any objection to commit that? Someone else see any other place in the code where generated policies should be flushed? -- Emmanuel Dreyfus ma...@ne... |