Call pfkey_remove() only after the Session Engine finished reloading its
authorclaudio <claudio@openbsd.org>
Wed, 4 Sep 2024 13:30:10 +0000 (13:30 +0000)
committerclaudio <claudio@openbsd.org>
Wed, 4 Sep 2024 13:30:10 +0000 (13:30 +0000)
commit7f893e0cbaa30667b9cacb947cb5fc65fedd29ae
tree66b5d65c639c69895e8f971361ccdc232452831d
parentd39370de6e9912256428958fb3147aa54e87fff3
Call pfkey_remove() only after the Session Engine finished reloading its
configuration. Doing so before could result in some messages being sent
out without proper TCP-MD5 signature.

Fix for: https://github.com/openbgpd-portable/openbgpd-portable/issues/82
OK tb@
usr.sbin/bgpd/bgpd.c
usr.sbin/bgpd/config.c
usr.sbin/bgpd/session.h