diff options
| author | tobhe <tobhe@cvs.openbsd.org> | 2020-11-23 19:20:09 +0000 |
|---|---|---|
| committer | tobhe <tobhe@cvs.openbsd.org> | 2020-11-23 19:20:09 +0000 |
| commit | 2f1f4d3ce748fad2e898605fa73c86c7e8199cd7 (patch) | |
| tree | 97240dadf5bd2e72b811dc501951524a1362d6cc /sbin | |
| parent | f1197d24659c50a179cb662441330efa623b84cc (diff) | |
Ignore duplicate sigsha2 notify, don't fail the exchange.
Diffstat (limited to 'sbin')
| -rw-r--r-- | sbin/iked/ikev2_pld.c | 14 |
1 files changed, 9 insertions, 5 deletions
diff --git a/sbin/iked/ikev2_pld.c b/sbin/iked/ikev2_pld.c index d1daf1b2689..47c7d68af92 100644 --- a/sbin/iked/ikev2_pld.c +++ b/sbin/iked/ikev2_pld.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ikev2_pld.c,v 1.112 2020/11/22 17:47:50 tobhe Exp $ */ +/* $OpenBSD: ikev2_pld.c,v 1.113 2020/11/23 19:20:08 tobhe Exp $ */ /* * Copyright (c) 2019 Tobias Heider <tobias.heider@stusta.de> @@ -1298,12 +1298,16 @@ ikev2_pld_notify(struct iked *env, struct ikev2_payload *pld, __func__); return (-1); } - if (sa == NULL || - sa->sa_sigsha2) { - log_debug("%s: SIGNATURE_HASH_ALGORITHMS: no SA or " - "duplicate notify", __func__); + if (sa == NULL) { + log_debug("%s: SIGNATURE_HASH_ALGORITHMS: no SA", + __func__); return (-1); } + if (sa->sa_sigsha2) { + log_debug("%s: SIGNATURE_HASH_ALGORITHMS: " + "duplicate notify", __func__); + return (0); + } if (left < sizeof(signature_hash) || left % sizeof(signature_hash)) { log_debug("%s: malformed signature hash notification" |