vpnc/vpnc-restart-after-timeout.diff

Index: b/tunip.c
===================================================================
--- a/tunip.c
+++ b/tunip.c
@@ -884,10 +884,13 @@ static void vpnc_main_loop(struct sa_blo
 				time(NULL) - s->ipsec.life.start,
 				s->ipsec.life.seconds,
 				s->ipsec.life.rx/1024,
 				s->ipsec.life.tx/1024,
 				s->ipsec.life.kbytes));
+			if (s->ipsec.life.seconds &&
+			    (time(NULL) - s->ipsec.life.start + 1 >= s->ipsec.life.seconds))
+				do_kill = -3;
 		} while ((presult == 0 || (presult == -1 && errno == EINTR)) && !do_kill);
 		if (presult == -1) {
 			syslog(LOG_ERR, "select: %m");
 			continue;
 		}
@@ -945,10 +948,13 @@ static void vpnc_main_loop(struct sa_blo
 		}
 
 	}
 
 	switch (do_kill) {
+		case -3:
+			syslog(LOG_NOTICE, "connection terminated by timeout -> restart");
+			break;
 		case -2:
 			syslog(LOG_NOTICE, "connection terminated by dead peer detection");
 			break;
 		case -1:
 			syslog(LOG_NOTICE, "connection terminated by peer");
Index: b/vpnc.c
===================================================================
--- a/vpnc.c
+++ b/vpnc.c
@@ -3779,24 +3779,25 @@ int main(int argc, char **argv)
 #endif
 	gcry_check_version("1.1.90");
 	gcry_control(GCRYCTL_INIT_SECMEM, 16384, 0);
 	group_init();
 
-	memset(s, 0, sizeof(*s));
-	s->ipsec.encap_mode = IPSEC_ENCAP_TUNNEL;
-	s->ike.timeout = 1000; /* 1 second */
-
 	do_config(argc, argv);
 
 	if (opt_vendor == VENDOR_NORTEL)
 		group_id = tolowercase(config[CONFIG_IPSEC_ID]);
 	else
 		group_id = config[CONFIG_IPSEC_ID];
 
 	DEBUG(1, printf("\nvpnc version " VERSION "\n"));
 	hex_dump("hex_test", hex_test, sizeof(hex_test), NULL);
 
+    do {
+	memset(s, 0, sizeof(*s));
+	s->ipsec.encap_mode = IPSEC_ENCAP_TUNNEL;
+	s->ike.timeout = 1000; /* 1 second */
+
 	DEBUGTOP(2, printf("S1 init_sockaddr\n"));
 	init_sockaddr(&s->dst, config[CONFIG_IPSEC_GATEWAY]);
 	init_sockaddr(&s->opt_src_ip, config[CONFIG_LOCAL_ADDR]);
 	DEBUGTOP(2, printf("S2 make_socket\n"));
 	s->ike.src_port = atoi(config[CONFIG_LOCAL_PORT]);
@@ -3847,10 +3848,11 @@ int main(int argc, char **argv)
 	close_tunnel(s);
 
 	/* Free resources */
 	DEBUGTOP(2, printf("S9 cleanup\n"));
 	cleanup(s);
+    } while (do_kill == -3);
 	if (opt_vendor == VENDOR_NORTEL)
 		free((void *)group_id);
 
 	return 0;
 }
Accepting request 90786 from home:seife:testing - update to rev 472 of nortel branch - memleak fix - fritzbox compatibility patches - fix some endianness issues - improve handling of some isakmp delete payloads - fix some format string warnings from debug messages and strict aliasing warnings - add a very ugly patch to restart vpnc after lifetime expired OBS-URL: https://build.opensuse.org/request/show/90786 OBS-URL: https://build.opensuse.org/package/show/network/vpnc?expand=0&rev=61 2011-11-11 10:13:39 +00:00			`Index: b/tunip.c`
			`===================================================================`
			`--- a/tunip.c`
			`+++ b/tunip.c`
			`@@ -884,10 +884,13 @@ static void vpnc_main_loop(struct sa_blo`
			`time(NULL) - s->ipsec.life.start,`
			`s->ipsec.life.seconds,`
			`s->ipsec.life.rx/1024,`
			`s->ipsec.life.tx/1024,`
			`s->ipsec.life.kbytes));`
			`+ if (s->ipsec.life.seconds &&`
			`+ (time(NULL) - s->ipsec.life.start + 1 >= s->ipsec.life.seconds))`
			`+ do_kill = -3;`
			`} while ((presult == 0 \|\| (presult == -1 && errno == EINTR)) && !do_kill);`
			`if (presult == -1) {`
			`syslog(LOG_ERR, "select: %m");`
			`continue;`
			`}`
			`@@ -945,10 +948,13 @@ static void vpnc_main_loop(struct sa_blo`
			`}`

			`}`

			`switch (do_kill) {`
			`+ case -3:`
			`+ syslog(LOG_NOTICE, "connection terminated by timeout -> restart");`
			`+ break;`
			`case -2:`
			`syslog(LOG_NOTICE, "connection terminated by dead peer detection");`
			`break;`
			`case -1:`
			`syslog(LOG_NOTICE, "connection terminated by peer");`
			`Index: b/vpnc.c`
			`===================================================================`
			`--- a/vpnc.c`
			`+++ b/vpnc.c`
			`@@ -3779,24 +3779,25 @@ int main(int argc, char **argv)`
			`#endif`
			`gcry_check_version("1.1.90");`
			`gcry_control(GCRYCTL_INIT_SECMEM, 16384, 0);`
			`group_init();`

			`- memset(s, 0, sizeof(*s));`
			`- s->ipsec.encap_mode = IPSEC_ENCAP_TUNNEL;`
			`- s->ike.timeout = 1000; /* 1 second */`
			`-`
			`do_config(argc, argv);`

			`if (opt_vendor == VENDOR_NORTEL)`
			`group_id = tolowercase(config[CONFIG_IPSEC_ID]);`
			`else`
			`group_id = config[CONFIG_IPSEC_ID];`

			`DEBUG(1, printf("\nvpnc version " VERSION "\n"));`
			`hex_dump("hex_test", hex_test, sizeof(hex_test), NULL);`

			`+ do {`
			`+ memset(s, 0, sizeof(*s));`
			`+ s->ipsec.encap_mode = IPSEC_ENCAP_TUNNEL;`
			`+ s->ike.timeout = 1000; /* 1 second */`
			`+`
			`DEBUGTOP(2, printf("S1 init_sockaddr\n"));`
			`init_sockaddr(&s->dst, config[CONFIG_IPSEC_GATEWAY]);`
			`init_sockaddr(&s->opt_src_ip, config[CONFIG_LOCAL_ADDR]);`
			`DEBUGTOP(2, printf("S2 make_socket\n"));`
			`s->ike.src_port = atoi(config[CONFIG_LOCAL_PORT]);`
			`@@ -3847,10 +3848,11 @@ int main(int argc, char **argv)`
			`close_tunnel(s);`

			`/* Free resources */`
			`DEBUGTOP(2, printf("S9 cleanup\n"));`
			`cleanup(s);`
			`+ } while (do_kill == -3);`
			`if (opt_vendor == VENDOR_NORTEL)`
			`free((void *)group_id);`

			`return 0;`
			`}`