diff options
| author | Mathieu Sauve-Frankel <msf@cvs.openbsd.org> | 2006-11-10 15:01:32 +0000 |
|---|---|---|
| committer | Mathieu Sauve-Frankel <msf@cvs.openbsd.org> | 2006-11-10 15:01:32 +0000 |
| commit | b87b3e72ecb8e50ec9245e7437c50af1394d4955 (patch) | |
| tree | 285e60582975aea96248a4028314530760260460 | |
| parent | 85e38b9c3b1523139fb7541d13d89a42e72740ce (diff) | |
check both rule sourace and destination when grouping sa's
fixes PR5262
ok hshoexer@
| -rw-r--r-- | sbin/ipsecctl/parse.y | 5 |
1 files changed, 3 insertions, 2 deletions
diff --git a/sbin/ipsecctl/parse.y b/sbin/ipsecctl/parse.y index 3bad4890e90..b1d444184ca 100644 --- a/sbin/ipsecctl/parse.y +++ b/sbin/ipsecctl/parse.y @@ -1,4 +1,4 @@ -/* $OpenBSD: parse.y,v 1.111 2006/11/10 14:42:19 hshoexer Exp $ */ +/* $OpenBSD: parse.y,v 1.112 2006/11/10 15:01:31 msf Exp $ */ /* * Copyright (c) 2002, 2003, 2004 Henning Brauer <henning@openbsd.org> @@ -1957,7 +1957,8 @@ add_sagroup(struct ipsec_rule *r) int found = 0; TAILQ_FOREACH(rp, &ipsec->group_queue, group_entry) { - if (strcmp(rp->dst->name, r->dst->name) == 0) { + if ((strcmp(rp->src->name, r->src->name) == 0) && + (strcmp(rp->dst->name, r->dst->name) == 0)) { found = 1; break; } |