From: tobhe <tobhe@openbsd.org>
Date: Thu, 15 Feb 2024 19:11:00 +0000 (+0000)
Subject: Delay enabling sockets until ikev2 process is ready.
X-Git-Url: http://artulab.com/gitweb/?a=commitdiff_plain;h=ac16f2e6ef35214112cf5853213e4198f667f7b8;p=openbsd

Delay enabling sockets until ikev2 process is ready.

from markus@
---

diff --git a/sbin/iked/config.c b/sbin/iked/config.c
index 6398e641bdc..ff24c4bcc93 100644
--- a/sbin/iked/config.c
+++ b/sbin/iked/config.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: config.c,v 1.96 2024/02/13 12:25:11 tobhe Exp $	*/
+/*	$OpenBSD: config.c,v 1.97 2024/02/15 19:11:00 tobhe Exp $	*/
 
 /*
  * Copyright (c) 2019 Tobias Heider <tobias.heider@stusta.de>
@@ -651,11 +651,24 @@ config_getsocket(struct iked *env, struct imsg *imsg,
 
 	event_set(&sock->sock_ev, sock->sock_fd,
 	    EV_READ|EV_PERSIST, cb, sock);
-	event_add(&sock->sock_ev, NULL);
 
 	return (0);
 }
 
+void
+config_enablesocket(struct iked *env)
+{
+	struct iked_socket	*sock;
+	size_t			 i;
+
+	for (i = 0; i < nitems(env->sc_sock4); i++)
+		if ((sock = env->sc_sock4[i]) != NULL)
+			event_add(&sock->sock_ev, NULL);
+	for (i = 0; i < nitems(env->sc_sock6); i++)
+		if ((sock = env->sc_sock6[i]) != NULL)
+			event_add(&sock->sock_ev, NULL);
+}
+
 int
 config_setpfkey(struct iked *env)
 {
diff --git a/sbin/iked/iked.h b/sbin/iked/iked.h
index 3133764eac6..f13e6a08d43 100644
--- a/sbin/iked/iked.h
+++ b/sbin/iked/iked.h
@@ -1,4 +1,4 @@
-/*	$OpenBSD: iked.h,v 1.227 2024/02/15 19:04:12 tobhe Exp $	*/
+/*	$OpenBSD: iked.h,v 1.228 2024/02/15 19:11:00 tobhe Exp $	*/
 
 /*
  * Copyright (c) 2019 Tobias Heider <tobias.heider@stusta.de>
@@ -925,6 +925,7 @@ int	 config_setsocket(struct iked *, struct sockaddr_storage *, in_port_t,
 	    enum privsep_procid);
 int	 config_getsocket(struct iked *env, struct imsg *,
 	    void (*cb)(int, short, void *));
+void	 config_enablesocket(struct iked *env);
 int	 config_setpfkey(struct iked *);
 int	 config_getpfkey(struct iked *, struct imsg *);
 int	 config_setuser(struct iked *, struct iked_user *, enum privsep_procid);
diff --git a/sbin/iked/ikev2.c b/sbin/iked/ikev2.c
index 0f7a966a623..8bbbeb34b1d 100644
--- a/sbin/iked/ikev2.c
+++ b/sbin/iked/ikev2.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: ikev2.c,v 1.383 2024/01/24 10:09:07 tobhe Exp $	*/
+/*	$OpenBSD: ikev2.c,v 1.384 2024/02/15 19:11:00 tobhe Exp $	*/
 
 /*
  * Copyright (c) 2019 Tobias Heider <tobias.heider@stusta.de>
@@ -248,6 +248,7 @@ ikev2_dispatch_parent(int fd, struct privsep_proc *p, struct imsg *imsg)
 	case IMSG_CTL_PASSIVE:
 		if (config_getmode(env, imsg->hdr.type) == -1)
 			return (0);	/* ignore error */
+		config_enablesocket(env);
 		timer_del(env, &env->sc_inittmr);
 		TAILQ_FOREACH(pol, &env->sc_policies, pol_entry) {
 			if (policy_generate_ts(pol) == -1)