[src/netbsd-3]: src/crypto/dist/ipsec-tools/src/racoon Pull up revision 1.6 (...

[tron <tron%NetBSD.org@localhost>]

details:   https://anonhg.NetBSD.org/src/rev/6bc0d3e0e834
branches:  netbsd-3
changeset: 576339:6bc0d3e0e834
user:      tron <tron%NetBSD.org@localhost>
date:      Wed Jun 29 12:17:23 2005 +0000

description:
Pull up revision 1.6 (requested by manu in ticket #489):
Consume NAT-T packets that have already been seen through MSG_PEEK

diffstat:

 crypto/dist/ipsec-tools/src/racoon/isakmp.c |  16 ++++++++++++----
 1 files changed, 12 insertions(+), 4 deletions(-)

diffs (31 lines):

diff -r af10b374bbf0 -r 6bc0d3e0e834 crypto/dist/ipsec-tools/src/racoon/isakmp.c
--- a/crypto/dist/ipsec-tools/src/racoon/isakmp.c       Wed Jun 29 12:15:25 2005 +0000
+++ b/crypto/dist/ipsec-tools/src/racoon/isakmp.c       Wed Jun 29 12:17:23 2005 +0000
@@ -1,6 +1,6 @@
-/*     $NetBSD: isakmp.c,v 1.1.1.3.2.4 2005/05/27 23:00:33 riz Exp $   */
-
-/* $Id: isakmp.c,v 1.1.1.3.2.4 2005/05/27 23:00:33 riz Exp $ */
+/*     $NetBSD: isakmp.c,v 1.1.1.3.2.5 2005/06/29 12:17:23 tron Exp $  */
+
+/* $Id: isakmp.c,v 1.1.1.3.2.5 2005/06/29 12:17:23 tron Exp $ */
 
 /*
  * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
@@ -214,8 +214,16 @@
        }
 
        /* keep-alive packet - ignore */
-       if (len == 1 && (x.buf[0]&0xff) == 0xff)
+       if (len == 1 && (x.buf[0]&0xff) == 0xff) {
+               /* Pull the keep-alive packet */
+               if ((len = recvfrom(so_isakmp, (char *)x.buf, 1,
+                   0, (struct sockaddr *)&remote, &remote_len)) != 1) {
+                       plog(LLV_ERROR, LOCATION, NULL,
+                           "failed to receive keep alive packet: %s\n",
+                           strerror (errno));
+               }
                goto end;
+       }
 
 #ifdef ENABLE_NATT
        /* we don't know about portchange yet,