Source-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[src/ipsec-tools-0_8-branch]: src/crypto/dist/ipsec-tools/src/racoon From Rom...
details: https://anonhg.NetBSD.org/src/rev/cb4af5ebd1fb
branches: ipsec-tools-0_8-branch
changeset: 763332:cb4af5ebd1fb
user: tteras <tteras%NetBSD.org@localhost>
date: Wed Aug 29 12:01:56 2012 +0000
description:
>From Roman Hoog Antink <rha%open.ch@localhost>: Accept DPD messages with cookies
also in reversed order for compatiblity. At least Cisco 836 running
IOS 12.3(8)T does this.
diffstat:
crypto/dist/ipsec-tools/src/racoon/isakmp_inf.c | 11 +++++++----
1 files changed, 7 insertions(+), 4 deletions(-)
diffs (32 lines):
diff -r 6b4aed10f257 -r cb4af5ebd1fb crypto/dist/ipsec-tools/src/racoon/isakmp_inf.c
--- a/crypto/dist/ipsec-tools/src/racoon/isakmp_inf.c Wed Aug 29 11:35:09 2012 +0000
+++ b/crypto/dist/ipsec-tools/src/racoon/isakmp_inf.c Wed Aug 29 12:01:56 2012 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: isakmp_inf.c,v 1.47 2011/03/15 13:20:14 vanhu Exp $ */
+/* $NetBSD: isakmp_inf.c,v 1.47.2.1 2012/08/29 12:01:56 tteras Exp $ */
/* Id: isakmp_inf.c,v 1.44 2006/05/06 20:45:52 manubsd Exp */
@@ -1465,8 +1465,11 @@
return 0;
}
- if (memcmp(ru->i_ck, iph1->index.i_ck, sizeof(cookie_t)) ||
- memcmp(ru->r_ck, iph1->index.r_ck, sizeof(cookie_t))) {
+ /* accept cookies in original or reversed order */
+ if ((memcmp(ru->i_ck, iph1->index.i_ck, sizeof(cookie_t)) ||
+ memcmp(ru->r_ck, iph1->index.r_ck, sizeof(cookie_t))) &&
+ (memcmp(ru->r_ck, iph1->index.i_ck, sizeof(cookie_t)) ||
+ memcmp(ru->i_ck, iph1->index.r_ck, sizeof(cookie_t)))) {
plog(LLV_ERROR, LOCATION, iph1->remote,
"Cookie mismatch in DPD ACK!.\n");
return 0;
@@ -1477,7 +1480,7 @@
sched_cancel(&iph1->dpd_r_u);
isakmp_sched_r_u(iph1, 0);
- plog(LLV_DEBUG, LOCATION, NULL, "received an R-U-THERE-ACK\n");
+ plog(LLV_DEBUG, LOCATION, iph1->remote, "received an R-U-THERE-ACK\n");
return 0;
}
Home |
Main Index |
Thread Index |
Old Index