diff options
| author | Joel Sing <jsing@cvs.openbsd.org> | 2009-10-04 11:39:33 +0000 |
|---|---|---|
| committer | Joel Sing <jsing@cvs.openbsd.org> | 2009-10-04 11:39:33 +0000 |
| commit | dd5c2f75fe5e092eb892c438f7f87faa2e57fcb6 (patch) | |
| tree | 0c972dfc55ad6d50555ba7472276de6e6ce4503a | |
| parent | e4f6aba2c964f23f9ea127835203e7ae4cca678b (diff) | |
When IKE is operating in dynamic mode and no srcid is given, the hostname
is used as the srcid, however the srcid type is not specified. Rectify this
by explicitly setting the srcid type to FQDN after successfully retrieving the
hostname. This worked prior to the addition of IPV4_ADDR/IPV6_ADDR support
since get_id_type() returned ID_FQDN even when presented with a null pointer.
Issue reported by Mikolaj Kucharski.
| -rw-r--r-- | sbin/ipsecctl/ike.c | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/sbin/ipsecctl/ike.c b/sbin/ipsecctl/ike.c index 38f41c37f55..d51dfe04250 100644 --- a/sbin/ipsecctl/ike.c +++ b/sbin/ipsecctl/ike.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ike.c,v 1.66 2009/08/04 15:05:50 jsing Exp $ */ +/* $OpenBSD: ike.c,v 1.67 2009/10/04 11:39:32 jsing Exp $ */ /* * Copyright (c) 2005 Hans-Joerg Hoexer <hshoexer@openbsd.org> * @@ -111,6 +111,7 @@ ike_section_ids(struct ipsec_rule *r, FILE *fd) err(1, "ike_section_ids: gethostname"); if ((r->auth->srcid = strdup(myname)) == NULL) err(1, "ike_section_ids: strdup"); + r->auth->srcid_type = ID_FQDN; } if (r->auth->srcid) { fprintf(fd, SET "[%s]:ID=id-%s force\n", r->p1name, |