Be less verbose when deleting SAs triggered by a hard expire
authorMartin Willi <martin@revosec.ch>
Mon, 2 Jan 2012 14:39:16 +0000 (15:39 +0100)
committerMartin Willi <martin@revosec.ch>
Tue, 20 Mar 2012 16:31:31 +0000 (17:31 +0100)
src/libhydra/plugins/kernel_netlink/kernel_netlink_ipsec.c
src/libhydra/plugins/kernel_netlink/kernel_netlink_shared.c

index e51aeaf..49f5c33 100644 (file)
@@ -1737,30 +1737,27 @@ METHOD(kernel_ipsec_t, del_sa, status_t,
                mrk->m = mark.mask;
        }
 
-       if (this->socket_xfrm->send_ack(this->socket_xfrm, hdr) != SUCCESS)
-       {
-               if (mark.value)
-               {
-                       DBG1(DBG_KNL, "unable to delete SAD entry with SPI %.8x  "
-                                                 "(mark %u/0x%8x)", ntohl(spi), mark.value, mark.mask);
-               }
-               else
-               {
-                       DBG1(DBG_KNL, "unable to delete SAD entry with SPI %.8x",
-                                                  ntohl(spi));
-               }
-               return FAILED;
-       }
-       if (mark.value)
+       switch (this->socket_xfrm->send_ack(this->socket_xfrm, hdr))
        {
-               DBG2(DBG_KNL, "deleted SAD entry with SPI %.8x  (mark %u/0x%8x)",
-                                          ntohl(spi), mark.value, mark.mask);
-       }
-       else
-       {
-               DBG2(DBG_KNL, "deleted SAD entry with SPI %.8x", ntohl(spi));
+               case SUCCESS:
+                       DBG2(DBG_KNL, "deleted SAD entry with SPI %.8x (mark %u/0x%08x)",
+                                ntohl(spi), mark.value, mark.mask);
+                       return SUCCESS;
+               case NOT_FOUND:
+                       return NOT_FOUND;
+               default:
+                       if (mark.value)
+                       {
+                               DBG1(DBG_KNL, "unable to delete SAD entry with SPI %.8x "
+                                        "(mark %u/0x%8x)", ntohl(spi), mark.value, mark.mask);
+                       }
+                       else
+                       {
+                               DBG1(DBG_KNL, "unable to delete SAD entry with SPI %.8x",
+                                        ntohl(spi));
+                       }
+                       return FAILED;
        }
-       return SUCCESS;
 }
 
 METHOD(kernel_ipsec_t, update_sa, status_t,
index dad3fb6..285f6c8 100644 (file)
@@ -206,6 +206,11 @@ METHOD(netlink_socket_t, netlink_send_ack, status_t,
                                                free(out);
                                                return ALREADY_DONE;
                                        }
+                                       if (-err->error == ESRCH)
+                                       {       /* do not report missing entries */
+                                               free(out);
+                                               return NOT_FOUND;
+                                       }
                                        DBG1(DBG_KNL, "received netlink error: %s (%d)",
                                                 strerror(-err->error), -err->error);
                                        free(out);