directly delete a ph1 in remove_ph1-) instead of scheduling it, to avoid (completely ?) a race condition when reloading configuration

crypto/dist/ipsec-tools/src/racoon/handler.c

@@ -1,4 +1,4 @@
-/*	$NetBSD: handler.c,v 1.35 2010/12/28 06:00:18 tteras Exp $	*/
+/*	$NetBSD: handler.c,v 1.36 2011/03/11 14:30:07 vanhu Exp $	*/
 
 /* Id: handler.c,v 1.28 2006/05/26 12:17:29 manubsd Exp */
 
@@ -1447,6 +1447,7 @@ remove_ph2(struct ph2handle *iph2)
 		 * - delete SPIs in kernel
 		 * - delete generated SPD
 		 * - unbind / rem / del ph2
+		 * - XXX shoudld also send a delete-sa !?
 		 */
 		purge_ipsec_spi(iph2->dst, iph2->approval->head->proto_id,
 						spis, 2);
@@ -1474,7 +1475,11 @@ static void remove_ph1(struct ph1handle *iph1){
 		isakmp_info_send_d1(iph1);
 	}
 	iph1->status = PHASE1ST_EXPIRED;
-	sched_schedule(&iph1->sce, 1, isakmp_ph1delete_stub);
+	/* directly call isakmp_ph1delete to avoid as possible a race
+	 * condition where we'll try to access iph1->rmconf after it has
+	 * freed
+	 */
+	isakmp_ph1delete(iph1);
 }
 
 

crypto/dist/ipsec-tools/src/racoon/isakmp.c

@@ -1,4 +1,4 @@
-/*	$NetBSD: isakmp.c,v 1.68 2011/03/01 14:33:58 vanhu Exp $	*/
+/*	$NetBSD: isakmp.c,v 1.69 2011/03/11 14:30:07 vanhu Exp $	*/
 
 /* Id: isakmp.c,v 1.74 2006/05/07 21:32:59 manubsd Exp */
 
@@ -2048,6 +2048,9 @@ isakmp_ph1delete(iph1)
 		next = LIST_NEXT(p, ph1bind);
 		if (p->status >= PHASE2ST_ESTABLISHED)
 			unbindph12(p);
+		/* Should we also remove non established ph2
+		 * handles, as we just invalidated ph1handle ?
+		 */
 	}
 
 	if (LIST_FIRST(&iph1->ph2tree) != NULL) {