This avoids keeping the kernel sockets open when they are not actually
needed, which could lead to resource problems (in particular with PF_KEY
where all open sockets receive all messages).
Fixes #217.
void starter_netkey_cleanup(void)
{
+ if (!lib->plugins->load(lib->plugins, NULL,
+ lib->settings->get_str(lib->settings, "starter.load", PLUGINS)))
+ {
+ DBG1(DBG_APP, "unable to load kernel plugins");
+ return;
+ }
hydra->kernel_interface->flush_sas(hydra->kernel_interface);
hydra->kernel_interface->flush_policies(hydra->kernel_interface);
+ lib->plugins->unload(lib->plugins);
}
#include <stdlib.h>
#include <stdio.h>
#include <signal.h>
- #include <syslog.h>
+#include <syslog.h>
#include <unistd.h>
#include <sys/time.h>
#include <time.h>
}
}
- /* load plugins */
- if (!lib->plugins->load(lib->plugins, NULL,
- lib->settings->get_str(lib->settings, "starter.load", PLUGINS)))
- {
- exit(LSB_RC_FAILURE);
- }
-
/* we handle these signals only in pselect() */
memset(&action, 0, sizeof(action));
sigemptyset(&action.sa_mask);
confread_free(cfg);
unlink(STARTER_PID_FILE);
DBG1(DBG_APP, "ipsec starter stopped");
- lib->plugins->unload(lib->plugins);
close_log();
exit(LSB_RC_SUCCESS);
}
projects / thirdparty / strongswan.git / commitdiff
