summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorHans-Joerg Hoexer <hshoexer@cvs.openbsd.org>2007-02-22 10:01:03 +0000
committerHans-Joerg Hoexer <hshoexer@cvs.openbsd.org>2007-02-22 10:01:03 +0000
commitec68a8431629ab3506e414d91c2cd1f1e6aedc8e (patch)
tree597ef243ff05475ff2a8b4f7b06762cff0227c70
parent4931b9fc25efdd9c0e3fa3c964637bd7b46eeb4f (diff)
Add a comment that explains, why the VID of draft 2 NAT-T includes
a traling '\n'. suggested by and ok deraadt@, jmc@
-rw-r--r--sbin/isakmpd/nat_traversal.c7
1 files changed, 6 insertions, 1 deletions
diff --git a/sbin/isakmpd/nat_traversal.c b/sbin/isakmpd/nat_traversal.c
index 61304d8cd1d..e0932372e72 100644
--- a/sbin/isakmpd/nat_traversal.c
+++ b/sbin/isakmpd/nat_traversal.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: nat_traversal.c,v 1.17 2006/06/14 14:03:33 hshoexer Exp $ */
+/* $OpenBSD: nat_traversal.c,v 1.18 2007/02/22 10:01:02 hshoexer Exp $ */
/*
* Copyright (c) 2004 Håkan Olsson. All rights reserved.
@@ -55,6 +55,11 @@ int disable_nat_t = 0;
*
* These seem to be the "well" known variants of this string in use by
* products today.
+ *
+ * Note that the VID specified in draft 2 is ambiguous: It was
+ * accidentally calculated from the string "draft-ietf-ipsec-nat-t-ike-02\n"
+ * although the string was documented without the trailing '\n'. The authors
+ * suggested afterwards to use the string with the trailing '\n'.
*/
static struct nat_t_cap isakmp_nat_t_cap[] = {