[PATCH 2/2] Keepalive option: Start trying to rekey as soon as peer shuts down

Ian Jackson ijackson at chiark.greenend.org.uk
Sun Sep 13 00:57:18 BST 2015

This avoids us ending up in state RUN with no keys and no key
initiation attempt, which with keepalive is a forbidden.

Signed-off-by: Ian Jackson <ijackson at chiark.greenend.org.uk>
 site.c | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/site.c b/site.c
index db78d5f..b83919c 100644
--- a/site.c
+++ b/site.c
@@ -1147,6 +1147,10 @@ static bool_t process_msg0(struct site *st, struct buffer_if *msg0,
     case LABEL_MSG7:
 	/* We must forget about the current session. */
 	delete_keys(st,"request from peer",LOG_SEC);
+	/* probably, the peer is shutting down, and this is going to fail,
+	 * but we need to be trying to bring the link up again */
+	if (st->keepalive)
+	    initiate_key_setup(st,"peer requested key teardown",0);
 	return True;
     case LABEL_MSG9:
 	/* Deliver to netlink layer */

More information about the sgo-software-discuss mailing list