summaryrefslogtreecommitdiff
path: root/sbin/iked
diff options
context:
space:
mode:
authortobhe <tobhe@cvs.openbsd.org>2020-10-30 23:32:43 +0000
committertobhe <tobhe@cvs.openbsd.org>2020-10-30 23:32:43 +0000
commit92276b4744cb7179fd86bde4dfba54c92830ae89 (patch)
tree942e51355977e029fde68976576c367432ea9b6b /sbin/iked
parent37e0bd1563f0f6d9679e05f0b013bd8ede63079c (diff)
Add missing bits to make 'request addr 0.0.0.0' accept ANY dynamic address.
Diffstat (limited to 'sbin/iked')
-rw-r--r--sbin/iked/ikev2.c10
1 files changed, 9 insertions, 1 deletions
diff --git a/sbin/iked/ikev2.c b/sbin/iked/ikev2.c
index c6aa9de583a..dd827f94ae6 100644
--- a/sbin/iked/ikev2.c
+++ b/sbin/iked/ikev2.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ikev2.c,v 1.274 2020/10/30 12:32:17 tobhe Exp $ */
+/* $OpenBSD: ikev2.c,v 1.275 2020/10/30 23:32:42 tobhe Exp $ */
/*
* Copyright (c) 2019 Tobias Heider <tobias.heider@stusta.de>
@@ -2247,6 +2247,10 @@ ikev2_add_cp(struct iked *env, struct iked_sa *sa, int type, struct ibuf *buf)
sa->sa_addrpool->addr_af == AF_INET) ?
(struct sockaddr_in *)&sa->sa_addrpool->addr :
(struct sockaddr_in *)&ikecfg->cfg.address.addr;
+ /* don't include unspecified address in request */
+ if (type == IKEV2_CP_REQUEST &&
+ !in4->sin_addr.s_addr)
+ break;
cfg->cfg_length = htobe16(4);
if (ibuf_add(buf, &in4->sin_addr.s_addr, 4) == -1)
return (-1);
@@ -2284,6 +2288,10 @@ ikev2_add_cp(struct iked *env, struct iked_sa *sa, int type, struct ibuf *buf)
sa->sa_addrpool6->addr_af == AF_INET6) ?
(struct sockaddr_in6 *)&sa->sa_addrpool6->addr :
(struct sockaddr_in6 *)&ikecfg->cfg.address.addr;
+ /* don't include unspecified address in request */
+ if (type == IKEV2_CP_REQUEST &&
+ IN6_IS_ADDR_UNSPECIFIED(&in6->sin6_addr))
+ break;
cfg->cfg_length = htobe16(17);
if (ibuf_add(buf, &in6->sin6_addr.s6_addr, 16) == -1)
return (-1);
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-30 07:50:05 +0000