diff options
| author | Ryan Thomas McBride <mcbride@cvs.openbsd.org> | 2006-05-28 02:22:35 +0000 |
|---|---|---|
| committer | Ryan Thomas McBride <mcbride@cvs.openbsd.org> | 2006-05-28 02:22:35 +0000 |
| commit | 76f6cfc3e0e23a14e273b21bf9700c399bd7d8b7 (patch) | |
| tree | 2e3af91fd2e29577f9de961c9a8d31466ba8a989 /sbin/isakmpd/ipsec.c | |
| parent | a6065a00ebc5124057cae5d5d027738b14b81255 (diff) | |
Change the default replay window for SAs created by the isakmpd responder
to be DEFAULT_REPLAY_WINDOW instead of zero. The default replay window is
then the same for both initiator and receiver.
Fix from nathanael at polymorpheous dot com.
ok hshoexer@
Diffstat (limited to 'sbin/isakmpd/ipsec.c')
| -rw-r--r-- | sbin/isakmpd/ipsec.c | 7 |
1 files changed, 4 insertions, 3 deletions
diff --git a/sbin/isakmpd/ipsec.c b/sbin/isakmpd/ipsec.c index 9906909017c..445744919b1 100644 --- a/sbin/isakmpd/ipsec.c +++ b/sbin/isakmpd/ipsec.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ipsec.c,v 1.122 2005/09/23 14:44:03 hshoexer Exp $ */ +/* $OpenBSD: ipsec.c,v 1.123 2006/05/28 02:22:34 mcbride Exp $ */ /* $EOM: ipsec.c,v 1.143 2000/12/11 23:57:42 niklas Exp $ */ /* @@ -2077,8 +2077,9 @@ ipsec_proto_init(struct proto *proto, char *section) struct ipsec_proto *iproto = proto->data; if (proto->sa->phase == 2 && section) - iproto->replay_window = conf_get_num(section, "ReplayWindow", - DEFAULT_REPLAY_WINDOW); + iproto->replay_window = section ? conf_get_num(section, + "ReplayWindow", DEFAULT_REPLAY_WINDOW) : + DEFAULT_REPLAY_WINDOW; } /* |