summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorHakan Olsson <ho@cvs.openbsd.org>2002-06-10 20:54:52 +0000
committerHakan Olsson <ho@cvs.openbsd.org>2002-06-10 20:54:52 +0000
commit6b574f5217ef3dc53d84216368ba0dfe9dd62d99 (patch)
tree04e7f1bc8e7be0452ac90ae822cb9aca7122af3d
parentbb15a4aaca62df563e32ae3abd46a2869412377b (diff)
CPIs cannot be selected from the same range as SPIs.
Diffstat
-rw-r--r--sbin/isakmpd/pf_key_v2.c14
1 files changed, 11 insertions, 3 deletions
diff --git a/sbin/isakmpd/pf_key_v2.c b/sbin/isakmpd/pf_key_v2.c
index 0b0b0016507..e6cdbb1af15 100644
--- a/sbin/isakmpd/pf_key_v2.c
+++ b/sbin/isakmpd/pf_key_v2.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: pf_key_v2.c,v 1.107 2002/06/09 08:13:06 todd Exp $ */
+/* $OpenBSD: pf_key_v2.c,v 1.108 2002/06/10 20:54:51 ho Exp $ */
/* $EOM: pf_key_v2.c,v 1.79 2000/12/12 00:33:19 niklas Exp $ */
/*
@@ -737,8 +737,16 @@ pf_key_v2_get_spi (size_t *sz, u_int8_t proto, struct sockaddr *src,
/* Setup the SPIRANGE extension. */
spirange.sadb_spirange_exttype = SADB_EXT_SPIRANGE;
spirange.sadb_spirange_len = sizeof spirange / PF_KEY_V2_CHUNK;
- spirange.sadb_spirange_min = IPSEC_SPI_LOW;
- spirange.sadb_spirange_max = 0xffffffff;
+ if (proto == IPSEC_PROTO_IPCOMP)
+ {
+ spirange.sadb_spirange_min = CPI_RESERVED_MAX + 1;
+ spirange.sadb_spirange_max = CPI_PRIVATE_MIN - 1;
+ }
+ else
+ {
+ spirange.sadb_spirange_min = IPSEC_SPI_LOW;
+ spirange.sadb_spirange_max = 0xffffffff;
+ }
spirange.sadb_spirange_reserved = 0;
if (pf_key_v2_msg_add (getspi, (struct sadb_ext *)&spirange, 0) == -1)
goto cleanup;
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-24 00:01:50 +0000