diff options
| author | Reyk Floeter <reyk@cvs.openbsd.org> | 2017-03-27 10:21:20 +0000 |
|---|---|---|
| committer | Reyk Floeter <reyk@cvs.openbsd.org> | 2017-03-27 10:21:20 +0000 |
| commit | 8887512a9fc9d90ed190d93e590863b62643d9fd (patch) | |
| tree | b20c373a5d9ded0803fc3e8722d8fe9201416bf5 /sbin/iked/iked.h | |
| parent | e3affe111fdf78b3b570254f4a8bcac92e8e2264 (diff) | |
Add support to reflect the responder IKEv2 COOKIE.
This fixes connecting to Azure VPN and other implementations that
implement the IKEv2 COOKIE mechanism on the responder side. Azure
decides to send you a responder COOKIE after too many connection
attempts - we have to keep it and reflect it to establish a
connection. This implementation is only for the initiator (client)
side, we do not support sending COOKIEs on the responder (server) side
yet.
OK patrick@ mikeb@
Diffstat (limited to 'sbin/iked/iked.h')
| -rw-r--r-- | sbin/iked/iked.h | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/sbin/iked/iked.h b/sbin/iked/iked.h index b2bda61d145..997ec1a56e4 100644 --- a/sbin/iked/iked.h +++ b/sbin/iked/iked.h @@ -1,4 +1,4 @@ -/* $OpenBSD: iked.h,v 1.110 2017/03/27 10:06:41 reyk Exp $ */ +/* $OpenBSD: iked.h,v 1.111 2017/03/27 10:21:19 reyk Exp $ */ /* * Copyright (c) 2010-2013 Reyk Floeter <reyk@openbsd.org> @@ -502,6 +502,7 @@ struct iked_message { struct iked_id msg_auth; /* AUTH payload */ struct iked_id msg_id; struct iked_id msg_cert; + struct ibuf *msg_cookie; /* Parse stack */ struct iked_proposal *msg_prop; |