summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMartin Pieuchot <mpi@cvs.openbsd.org>2019-02-01 13:29:49 +0000
committerMartin Pieuchot <mpi@cvs.openbsd.org>2019-02-01 13:29:49 +0000
commit91a9e8b618089c60f641e9a34a20666b3d665e14 (patch)
tree05d2e9025ef52c00215cb148a65bc2fc31da96c2
parent8c4ab3abaff7e158d8f1a705adcd4714b65d5f95 (diff)
Do not silently return if extensions do not match the filters.
ok bluhm@, visa@
-rw-r--r--sys/net/pfkeyv2.c10
1 files changed, 7 insertions, 3 deletions
diff --git a/sys/net/pfkeyv2.c b/sys/net/pfkeyv2.c
index 3344dfc9443..2a89e834fcc 100644
--- a/sys/net/pfkeyv2.c
+++ b/sys/net/pfkeyv2.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: pfkeyv2.c,v 1.194 2019/01/13 14:31:55 mpi Exp $ */
+/* $OpenBSD: pfkeyv2.c,v 1.195 2019/02/01 13:29:48 mpi Exp $ */
/*
* @(#)COPYRIGHT 1.1 (NRL) 17 January 1995
@@ -2041,12 +2041,16 @@ ret:
seen |= (1LL << i);
if ((seen & sadb_exts_allowed_out[smsg->sadb_msg_type])
- != seen)
+ != seen) {
+ rval = EPERM;
goto realret;
+ }
if ((seen & sadb_exts_required_out[smsg->sadb_msg_type]) !=
- sadb_exts_required_out[smsg->sadb_msg_type])
+ sadb_exts_required_out[smsg->sadb_msg_type]) {
+ rval = EPERM;
goto realret;
+ }
}
rval = pfkeyv2_sendmessage(headers, mode, so, 0, 0, rdomain);