[Openswan dev] [PATCH] Safety check in aggr_outI1 for no interface from orient()
Michael H. Warfield
mhw at WittsEnd.com
Sat Mar 13 12:05:25 EST 2010
Ok...
Working my way back up the stack. This patch adds a check to aggr_outI1
right after set_state_ike_endpoints() to make sure we've got a valid
interface before proceeding. Now it catches this one earlier and we
don't get the retries but "ipsec auto --up CONN" seems to just hang
right after"
003 "CONN" #3: aggr_outI1 failed, no interface sending to ...
But that's the first place where the orient problem can be detected.
Sigh... Have to detect the STF_FAIL and handle it back in the caller,
now.
Patch attached. (And I used the right logging function this
time. :-) )
Mike
--
Michael H. Warfield (AI4NB) | (770) 985-6132 | mhw at WittsEnd.com
/\/\|=mhw=|\/\/ | (678) 463-0932 | http://www.wittsend.com/mhw/
NIC whois: MHW9 | An optimist believes we live in the best of all
PGP Key: 0x674627FF | possible worlds. A pessimist is sure of it!
-------------- next part --------------
A non-text attachment was scrubbed...
Name: openswan-2.6.24-aggr_outI1-safety.diff
Type: text/x-patch
Size: 671 bytes
Desc: not available
Url : http://lists.openswan.org/pipermail/dev/attachments/20100313/979cc20d/attachment.bin
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 482 bytes
Desc: This is a digitally signed message part
Url : http://lists.openswan.org/pipermail/dev/attachments/20100313/979cc20d/attachment-0001.bin
More information about the Dev
mailing list