From fd507379c886424c32550ce6b5ad547bb6db5d70 Mon Sep 17 00:00:00 2001
From: Apple
Date: Tue, 29 Jul 2008 22:21:02 +0000
Subject: [PATCH] ipsec-34.0.2.tar.gz
---
 ipsec-tools/racoon/localconf.c | 1 +
 ipsec-tools/racoon/localconf.h | 5 ++
 ipsec-tools/racoon/pfkey.h | 1 +
 ipsec-tools/racoon/pfkey_racoon.c | 97 +++++++++++++++++++++++--------
 ipsec-tools/racoon/session.c | 2 +
 5 files changed, 81 insertions(+), 25 deletions(-)
diff --git a/ipsec-tools/racoon/localconf.c b/ipsec-tools/racoon/localconf.c
index 381d1e8..6725987 100644
--- a/ipsec-tools/racoon/localconf.c
+++ b/ipsec-tools/racoon/localconf.c
@@ -81,6 +81,7 @@ initlcconf()
 setdefault();
 lcconf->sock_vpncontrol = -1; /* not to be done during flush */
 lcconf->racoon_conf = LC_DEFAULT_CF;
+ TAILQ_INIT(&lcconf->saved_msg_queue);
 }
 void
diff --git a/ipsec-tools/racoon/localconf.h b/ipsec-tools/racoon/localconf.h
index b206492..95fda09 100644
--- a/ipsec-tools/racoon/localconf.h
+++ b/ipsec-tools/racoon/localconf.h
@@ -88,6 +88,10 @@ struct redirect {
 u_int16_t force;
 };
+struct saved_msg_elem {
+ TAILQ_ENTRY(saved_msg_elem) chain;
+ void* msg;
+};
 struct localconf {
 char *racoon_conf; /* configuration filename */
@@ -110,6 +114,7 @@ struct localconf {
 int auto_exit_delay; /* auto exit delay until exit */
 struct sched *auto_exit_sched; /* auto exit schedule */
+ TAILQ_HEAD(_saved_msg_elem, saved_msg_elem) saved_msg_queue;
 int autograbaddr;
 struct myaddrs *myaddrs;
diff --git a/ipsec-tools/racoon/pfkey.h b/ipsec-tools/racoon/pfkey.h
index 62aede2..63d7498 100644
--- a/ipsec-tools/racoon/pfkey.h
+++ b/ipsec-tools/racoon/pfkey.h
@@ -41,6 +41,7 @@ extern const struct pfkey_satype pfkey_satypes[];
 extern const int pfkey_nsatypes;
 extern int pfkey_handler __P((void));
+extern void pfkey_post_handler __P((void));
 extern vchar_t *pfkey_dump_sadb __P((int));
 extern void pfkey_flush_sadb __P((u_int));
 extern int pfkey_init __P((void));
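Review bot: In `struct saved_msg_elem` (first localconf.h hunk), `void* msg;` has no comment saying what it points to or who releases it, although the only producer visible in this patch, pfkey_save_msg(), stores a `struct sadb_msg *` there. A trailing comment such as `void *msg; /* struct sadb_msg * deferred by pfkey_dump_sadb() */` would record that next to the field, with the ownership rule added once it has been confirmed against pfkey_process(). The `saved_msg_queue` member added in the second localconf.h hunk is likewise the only field in that stretch without a trailing comment, and its head tag `_saved_msg_elem` begins with an underscore, which C reserves for the implementation at file scope.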
diff --git a/ipsec-tools/racoon/pfkey_racoon.c b/ipsec-tools/racoon/pfkey_racoon.c
index 76ecbc3..03e70b4 100644
--- a/ipsec-tools/racoon/pfkey_racoon.c
+++ b/ipsec-tools/racoon/pfkey_racoon.c
@@ -191,34 +191,14 @@ static int addnewsp __P((caddr_t *));
 #endif
 #endif
-/*
- * PF_KEY packet handler
- * 0: success
- * -1: fail
- */
+
 int
-pfkey_handler()
-{
+pfkey_process(msg)
 struct sadb_msg *msg;
- int len;
+{
 caddr_t mhp[SADB_EXT_MAX + 1];
 int error = -1;
-
- /* receive pfkey message. */
- len = 0;
- msg = (struct sadb_msg *)pk_recv(lcconf->sock_pfkey, &len);
- if (msg == NULL) {
- if (len < 0) {
- plog(LLV_ERROR, LOCATION, NULL,
- "failed to recv from pfkey (%s)\n",
- strerror(errno));
- goto end;
- } else {
- /* short message - msg not ready */
- return 0;
- }
- }
-
+
 plog(LLV_DEBUG, LOCATION, NULL, "get pfkey %s message\n", s_pfkey_type(msg->sadb_msg_type));
 plogdump(LLV_DEBUG2, msg, msg->sadb_msg_len << 3);
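Review bot: `pfkey_process()` is left without a header comment once the "PF_KEY packet handler" block above it is removed, and nothing states whether it takes ownership of `msg`. That matters now that it has two callers: pfkey_handler() returns its result directly and pfkey_post_handler() frees only the queue element, so both depend on pfkey_process() releasing `msg` on every path, which cannot be confirmed here because the body continues past this hunk to the `end:` label. I would add something like `/* process one PF_KEY message; 0: success, -1: fail */` plus a sentence on who frees `msg` once that is verified. Since the pfkey.h hunk adds no prototype for it, the function could also be `static`, with `static int pfkey_process __P((struct sadb_msg *));` next to the existing `addnewsp` prototype.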
@@ -282,6 +262,62 @@ end:
 return(error);
 }
+/*
+ * PF_KEY packet handler
+ * 0: success
+ * -1: fail
+ */
+int
+pfkey_handler()
+{
+ struct sadb_msg *msg;
+ int len;
+
+ /* receive pfkey message. */
+ len = 0;
+ msg = (struct sadb_msg *)pk_recv(lcconf->sock_pfkey, &len);
+ if (msg == NULL) {
+ if (len < 0) {
+ plog(LLV_ERROR, LOCATION, NULL,
+ "failed to recv from pfkey (%s)\n",
+ strerror(errno));
+ return -1;
+ } else {
+ /* short message - msg not ready */
+ return 0;
+ }
+ }
+ return pfkey_process(msg);
+}
+
+void
+pfkey_post_handler()
+{
+ struct saved_msg_elem *elem;
+ struct saved_msg_elem *elem_tmp = NULL;
+
+ TAILQ_FOREACH_SAFE(elem, &lcconf->saved_msg_queue, chain, elem_tmp) {
+ pfkey_process((struct sadb_msg *)elem->msg);
+ TAILQ_REMOVE(&lcconf->saved_msg_queue, elem, chain);
+ racoon_free(elem);
+
+ }
+}
+
+int
+pfkey_save_msg(msg)
+ struct sadb_msg *msg;
+{
+ struct saved_msg_elem *elem;
+
+ elem = (struct saved_msg_elem *)racoon_calloc(sizeof(struct saved_msg_elem), 1);
+ if (elem == NULL)
+ return -1;
+ elem->msg = msg;
+ TAILQ_INSERT_TAIL(&lcconf->saved_msg_queue, elem, chain);
+ return 0;
+}
+
 /*
 * dump SADB
 */
@@ -321,8 +357,18 @@ pfkey_dump_sadb(satype)
 continue;
 }
- if (msg->sadb_msg_type != SADB_DUMP || msg->sadb_msg_pid != pid)
+ if (msg->sadb_msg_pid != pid)
+ continue;
+
+ /*
+ * for multi-processor system this had to be added because the messages can
+ * be interleaved - they won't all be dump messages
+ */
+ if (msg->sadb_msg_type != SADB_DUMP) { /* save for later processing */
+ pfkey_save_msg(msg);
+ msg = NULL;
 continue;
+ }
 ml = msg->sadb_msg_len << 3;
 bl = buf ? buf->l : 0;
@@ -2776,6 +2822,7 @@ int *lenp;
 }
+
 /* see handler.h */
 u_int32_t
 pk_getseq()
diff --git a/ipsec-tools/racoon/session.c b/ipsec-tools/racoon/session.c
index 1028290..2f9f557 100644
--- a/ipsec-tools/racoon/session.c
+++ b/ipsec-tools/racoon/session.c
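Review bot: In `pfkey_post_handler()` the return value of `pfkey_process()` is dropped, so a deferred message that fails is lost without trace, while the same failure on the direct path is returned to the caller by pfkey_handler(). Logging it would keep the two paths comparable, e.g. `if (pfkey_process((struct sadb_msg *)elem->msg) < 0)` followed by `plog(LLV_ERROR, LOCATION, NULL, "failed to process deferred pfkey message\n");`. The element is also still linked while its message is processed; moving `TAILQ_REMOVE(&lcconf->saved_msg_queue, elem, chain);` ahead of the call would keep the queue consistent if anything reached from pfkey_process() touches `saved_msg_queue`, which is not visible in this hunk. `pfkey_save_msg()` gets no prototype in the pfkey.h hunk and is used only in this file as far as the patch shows, so it could be `static`.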
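Review bot: The result of `pfkey_save_msg(msg)` is ignored in the new non-`SADB_DUMP` branch of pfkey_dump_sadb() and `msg` is set to NULL regardless, so when `racoon_calloc` fails the message is neither queued nor released and is dropped silently. Clearing the pointer only on success, `if (pfkey_save_msg(msg) == 0)` then `msg = NULL;`, leaves a failed message to whatever the loop already does with a non-NULL `msg` on `continue` (presumably it is freed at the top of the loop, which lies outside this hunk). A `plog(LLV_ERROR, ...)` on the failure path would make the loss visible. The queue has no length limit; the preceding `sadb_msg_pid != pid` test means only messages carrying this `pid` are kept, which is worth saying in the block comment.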
@@ -193,6 +193,8 @@ session(void)
 }
 while (1) {
+ if (!TAILQ_EMPTY(&lcconf->saved_msg_queue))
+ pfkey_post_handler();
 update_fds = 0;
 /*
 * asynchronous requests via signal.
-- 
2.47.2
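Review bot: The drain added at the top of the `while (1)` loop in session() runs once per iteration, so a message queued after this point but before the loop next waits for events stays in `saved_msg_queue` until the following wake-up. The context just below mentions signal-driven requests; if any of those end up in pfkey_dump_sadb(), a deferred PF_KEY message could sit behind an unrelated wait, though the rest of the loop body is outside the hunk and this needs checking. A comment such as `/* handle PF_KEY messages deferred by pfkey_dump_sadb() */` would explain the call. The `TAILQ_EMPTY` test duplicates what the loop inside pfkey_post_handler() already does on an empty queue.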