summaryrefslogtreecommitdiff
path: root/src/libipsec/ipsec_sa_mgr.c
diff options
context:
space:
mode:
authorYves-Alexis Perez <corsac@corsac.net>2017-11-21 10:22:31 +0100
committerYves-Alexis Perez <corsac@corsac.net>2017-11-21 10:22:31 +0100
commite1d78dc2faaa06e7c3f71ef674a71e4de2f0758e (patch)
treeae0c8b5f4cd8289d0797882ea18969f33ea59a1e /src/libipsec/ipsec_sa_mgr.c
parent11d6b62db969bdd808d0f56706cb18f113927a31 (diff)
downloadvyos-strongswan-e1d78dc2faaa06e7c3f71ef674a71e4de2f0758e.tar.gz
vyos-strongswan-e1d78dc2faaa06e7c3f71ef674a71e4de2f0758e.zip
New upstream version 5.6.1
Diffstat (limited to 'src/libipsec/ipsec_sa_mgr.c')
-rw-r--r--src/libipsec/ipsec_sa_mgr.c11
1 files changed, 9 insertions, 2 deletions
diff --git a/src/libipsec/ipsec_sa_mgr.c b/src/libipsec/ipsec_sa_mgr.c
index 957d930f2..44d35244a 100644
--- a/src/libipsec/ipsec_sa_mgr.c
+++ b/src/libipsec/ipsec_sa_mgr.c
@@ -107,6 +107,11 @@ typedef struct {
ipsec_sa_entry_t *entry;
/**
+ * SPI of the expired entry
+ */
+ uint32_t spi;
+
+ /**
* 0 if this is a hard expire, otherwise the offset in s (soft->hard)
*/
uint32_t hard_offset;
@@ -314,8 +319,9 @@ static job_requeue_t sa_expired(ipsec_sa_expired_t *expired)
private_ipsec_sa_mgr_t *this = expired->manager;
this->mutex->lock(this->mutex);
- if (this->sas->find_first(this->sas, NULL, (void**)&expired->entry))
- {
+ if (this->sas->find_first(this->sas, NULL, (void**)&expired->entry) &&
+ expired->spi == expired->entry->sa->get_spi(expired->entry->sa))
+ { /* only if we find the right SA at this pointer location */
uint32_t hard_offset;
hard_offset = expired->hard_offset;
@@ -355,6 +361,7 @@ static void schedule_expiration(private_ipsec_sa_mgr_t *this,
INIT(expired,
.manager = this,
.entry = entry,
+ .spi = entry->sa->get_spi(entry->sa),
);
/* schedule a rekey first, a hard timeout will be scheduled then, if any */
generated by cgit v1.2.3 (git 2.39.1) at 2024-09-20 08:36:08 +0000