diff options
| author | Tobias Heider <tobhe@cvs.openbsd.org> | 2021-11-10 13:09:06 +0000 |
|---|---|---|
| committer | Tobias Heider <tobhe@cvs.openbsd.org> | 2021-11-10 13:09:06 +0000 |
| commit | ba05e7fdb3c41b290c7f04a11e80e78479efdf74 (patch) | |
| tree | ae817b9b66ac29690b708594f28624df095a0925 /sbin/iked/ikev2.c | |
| parent | 3948226dd82620ec57cc8362fe96a81206a97e04 (diff) | |
Look for INVALID_KE group from IKE_SA_INIT in IKE transforms,
not ESP transforms. Fixes broken key exchange negotiation with
matching proposals.
ok patrick@ markus@
Diffstat (limited to 'sbin/iked/ikev2.c')
| -rw-r--r-- | sbin/iked/ikev2.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/sbin/iked/ikev2.c b/sbin/iked/ikev2.c index 52ce7e616b9..99366f4432a 100644 --- a/sbin/iked/ikev2.c +++ b/sbin/iked/ikev2.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ikev2.c,v 1.329 2021/10/12 10:01:59 tobhe Exp $ */ +/* $OpenBSD: ikev2.c,v 1.330 2021/11/10 13:09:05 tobhe Exp $ */ /* * Copyright (c) 2019 Tobias Heider <tobias.heider@stusta.de> @@ -3059,7 +3059,7 @@ ikev2_handle_notifies(struct iked *env, struct iked_message *msg) groupid); switch (msg->msg_exchange) { case IKEV2_EXCHANGE_IKE_SA_INIT: - protoid = IKEV2_SAPROTO_ESP; + protoid = IKEV2_SAPROTO_IKE; if (!sa->sa_hdr.sh_initiator) { log_debug("%s: not an initiator", __func__); ikev2_ike_sa_setreason(sa, |