ipsec-tools: notify the death of racoon by touching a file.
Since racoon removes SPD policies when it dies, packets from upper
VPN layers might pass through without IPSec's protection. Here we
add a mechanism to close the gap as much as possible.
Bug: 5714296
Change-Id: If5ebdea3ee1444c18e062b24db724b1575dbdf2d
diff --git a/main.c b/main.c
index 7973217..34b474f 100644
--- a/main.c
+++ b/main.c
@@ -42,12 +42,19 @@
#include <cutils/sockets.h>
#include <private/android_filesystem_config.h>
+static void notify_death()
+{
+ creat("/data/misc/vpn/abort", 0);
+}
+
static int android_get_control_and_arguments(int *argc, char ***argv)
{
static char *args[32];
int control;
int i;
+ atexit(notify_death);
+
if ((i = android_get_control_socket("racoon")) == -1) {
return -1;
}
