diff options
| author | Angelos D. Keromytis <angelos@cvs.openbsd.org> | 2001-06-07 07:50:30 +0000 |
|---|---|---|
| committer | Angelos D. Keromytis <angelos@cvs.openbsd.org> | 2001-06-07 07:50:30 +0000 |
| commit | 128b65d61c45bcd449f55ff9a8f112c5a9877eca (patch) | |
| tree | f4339dc5a37c08e535647e97e2a4aa03406c7877 /sbin/isakmpd | |
| parent | 3e25b72ab3c511ef45cc6a0dad41608e17be3046 (diff) | |
Actually, using ACQUIRE can cause lowering of security policy level
for outgoing policies -- so, just use USE on the remote.
Diffstat (limited to 'sbin/isakmpd')
| -rw-r--r-- | sbin/isakmpd/pf_key_v2.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/sbin/isakmpd/pf_key_v2.c b/sbin/isakmpd/pf_key_v2.c index 7097de0fd86..ec62e5a468a 100644 --- a/sbin/isakmpd/pf_key_v2.c +++ b/sbin/isakmpd/pf_key_v2.c @@ -1,4 +1,4 @@ -/* $OpenBSD: pf_key_v2.c,v 1.64 2001/06/07 07:45:18 angelos Exp $ */ +/* $OpenBSD: pf_key_v2.c,v 1.65 2001/06/07 07:50:29 angelos Exp $ */ /* $EOM: pf_key_v2.c,v 1.79 2000/12/12 00:33:19 niklas Exp $ */ /* @@ -1488,7 +1488,7 @@ pf_key_v2_flow (in_addr_t laddr, in_addr_t lmask, in_addr_t raddr, flowtype.sadb_protocol_direction = ingress ? IPSP_DIRECTION_IN : IPSP_DIRECTION_OUT; flowtype.sadb_protocol_proto - = ingress ? SADB_X_FLOW_TYPE_ACQUIRE: SADB_X_FLOW_TYPE_REQUIRE; + = ingress ? SADB_X_FLOW_TYPE_USE : SADB_X_FLOW_TYPE_REQUIRE; if (pf_key_v2_msg_add (flow, (struct sadb_ext *)&flowtype, 0) == -1) goto cleanup; |