Source-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[src/trunk]: src/crypto/dist/ipsec-tools/src/racoon Use separate SA addresses...
details: https://anonhg.NetBSD.org/src/rev/bf9d3811c015
branches: trunk
changeset: 759403:bf9d3811c015
user: tteras <tteras%NetBSD.org@localhost>
date: Wed Dec 08 07:38:35 2010 +0000
description:
Use separate SA addresses for phase2's created by admin command. The
phase2 startup overwrites src/dst with ISAKMP ports if they are zero
and we don't want that to happen for the SA ports.
diffstat:
crypto/dist/ipsec-tools/src/racoon/admin.c | 9 +++++++--
1 files changed, 7 insertions(+), 2 deletions(-)
diffs (28 lines):
diff -r 7153a5b1ce31 -r bf9d3811c015 crypto/dist/ipsec-tools/src/racoon/admin.c
--- a/crypto/dist/ipsec-tools/src/racoon/admin.c Wed Dec 08 07:34:08 2010 +0000
+++ b/crypto/dist/ipsec-tools/src/racoon/admin.c Wed Dec 08 07:38:35 2010 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: admin.c,v 1.37 2010/11/12 10:36:37 tteras Exp $ */
+/* $NetBSD: admin.c,v 1.38 2010/12/08 07:38:35 tteras Exp $ */
/* Id: admin.c,v 1.25 2006/04/06 14:31:04 manubsd Exp */
@@ -564,12 +564,17 @@
iph2->status = PHASE2ST_STATUS2;
/* set end addresses of SA */
+ iph2->sa_dst = dupsaddr(dst);
+ iph2->sa_src = dupsaddr(src);
iph2->dst = dupsaddr(dst);
iph2->src = dupsaddr(src);
- if (iph2->dst == NULL || iph2->src == NULL) {
+ if (iph2->sa_src == NULL || iph2->sa_dst == NULL ||
+ iph2->dst == NULL || iph2->src == NULL) {
delph2(iph2);
break;
}
+ set_port(iph2->dst, 0);
+ set_port(iph2->src, 0);
if (isakmp_get_sainfo(iph2, sp_out, sp_in) < 0) {
delph2(iph2);
Home |
Main Index |
Thread Index |
Old Index