From: Ian Jackson Date: Sat, 12 Sep 2015 23:56:06 +0000 (+0100) Subject: Keepalive option: Start trying to rekey as soon as peer shuts down X-Git-Tag: v0.4.1~17 X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~ianmdlvl/git?p=secnet.git;a=commitdiff_plain;h=e0d2e637f0931a4a3c897abbc4e38a3f357ba3d4;hp=e6d6991c815cb4b06efc4b3be4c631e0ef166bc4 Keepalive option: Start trying to rekey as soon as peer shuts down This avoids us ending up in state RUN with no keys and no key initiation attempt, which with keepalive is a forbidden. Signed-off-by: Ian Jackson --- diff --git a/site.c b/site.c index db78d5f..b83919c 100644 --- a/site.c +++ b/site.c @@ -1147,6 +1147,10 @@ static bool_t process_msg0(struct site *st, struct buffer_if *msg0, case LABEL_MSG7: /* We must forget about the current session. */ delete_keys(st,"request from peer",LOG_SEC); + /* probably, the peer is shutting down, and this is going to fail, + * but we need to be trying to bring the link up again */ + if (st->keepalive) + initiate_key_setup(st,"peer requested key teardown",0); return True; case LABEL_MSG9: /* Deliver to netlink layer */
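Review bot: In the `LABEL_MSG7` case the result of `initiate_key_setup(st,"peer requested key teardown",0);` is discarded, although the new comment itself says the attempt is probably going to fail. If it does fail and nothing else retries, the site is back in the situation the commit message sets out to avoid: keys deleted and no key initiation in progress while keepalive is set. Please either check the return value and log or handle the failure, or extend the comment to name the path that retries afterwards, so that a reader can see from this hunk that the keepalive guarantee holds. Two smaller points: the bare `0` as the third argument does not say what it selects, so a short comment or a named constant would help; and since this call now runs on every MSG7 received from the peer, it is worth confirming that repeated MSG7s cannot trigger key setup attempts faster than the existing setup retry limits allow.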