diff options
| author | tobhe <tobhe@cvs.openbsd.org> | 2020-04-28 17:56:46 +0000 |
|---|---|---|
| committer | tobhe <tobhe@cvs.openbsd.org> | 2020-04-28 17:56:46 +0000 |
| commit | b2e1252d7e042aa45d5b9a25cbafcda195cfb0f9 (patch) | |
| tree | 38d3942b3a394b836ec53af1e48f6a10a5233757 | |
| parent | 02235cc00f7f836ec284ce5745d7a7a05f3eacb2 (diff) | |
The order of arguments to proposals_negotiate makes a difference.
'key->pol_proposals' should be the peer proposal as it is derived from
a received SA payload, 'p->p_proposal' comes from a locally configured
policy.
ok patrick@
| -rw-r--r-- | sbin/iked/policy.c | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/sbin/iked/policy.c b/sbin/iked/policy.c index aa320248dd5..2be475a2e56 100644 --- a/sbin/iked/policy.c +++ b/sbin/iked/policy.c @@ -1,4 +1,4 @@ -/* $OpenBSD: policy.c,v 1.59 2020/04/23 20:17:48 tobhe Exp $ */ +/* $OpenBSD: policy.c,v 1.60 2020/04/28 17:56:45 tobhe Exp $ */ /* * Copyright (c) 2010-2013 Reyk Floeter <reyk@openbsd.org> @@ -172,8 +172,8 @@ policy_test(struct iked *env, struct iked_policy *key) /* Make sure the proposals are compatible */ if (TAILQ_FIRST(&key->pol_proposals) && - proposals_negotiate(NULL, &key->pol_proposals, - &p->pol_proposals, 0) == -1) { + proposals_negotiate(NULL, &p->pol_proposals, + &key->pol_proposals, 0) == -1) { p = TAILQ_NEXT(p, pol_entry); continue; } |