From: Theo Buehler <tb@theobuehler.org>
Subject: Re: bgpd: add missing pfkey_remove calls in rtr socket setup
To: tech@openbsd.org
Date: Wed, 13 May 2026 11:26:07 +0200

On Wed, May 13, 2026 at 10:53:03AM +0200, Claudio Jeker wrote:
> The error paths in RTR socket establishment lack the call to
> pfkey_remove().
> 
> Since the connect failed, remove the pfkey state so that the next time we
> start with a clean slate.

ok tb

> 
> -- 
> :wq Claudio
> 
> Index: bgpd.c
> ===================================================================
> RCS file: /cvs/src/usr.sbin/bgpd/bgpd.c,v
> diff -u -p -r1.288 bgpd.c
> --- bgpd.c	19 Mar 2026 12:44:22 -0000	1.288
> +++ bgpd.c	12 May 2026 14:54:24 -0000
> @@ -1439,6 +1439,7 @@ bgpd_rtr_conn_setup(struct rtr_config *r
>   fail:
>  	if (ce->fd != -1)
>  		close(ce->fd);
> +	pfkey_remove(&ce->auth_state);
>  	free(ce);
>  }
>  
> @@ -1488,6 +1489,7 @@ bgpd_rtr_conn_setup_done(int fd, struct 
>  
>  fail:
>  	close(fd);
> +	pfkey_remove(&ce->auth_state);
>  	free(ce);
>  }
>  
>