diff options
author | Martin Pieuchot <mpi@cvs.openbsd.org> | 2019-02-01 13:29:49 +0000 |
---|---|---|
committer | Martin Pieuchot <mpi@cvs.openbsd.org> | 2019-02-01 13:29:49 +0000 |
commit | 91a9e8b618089c60f641e9a34a20666b3d665e14 (patch) | |
tree | 05d2e9025ef52c00215cb148a65bc2fc31da96c2 /sys/net/pfkeyv2.c | |
parent | 8c4ab3abaff7e158d8f1a705adcd4714b65d5f95 (diff) |
Do not silently return if extensions do not match the filters.
ok bluhm@, visa@
Diffstat (limited to 'sys/net/pfkeyv2.c')
-rw-r--r-- | sys/net/pfkeyv2.c | 10 |
1 files changed, 7 insertions, 3 deletions
diff --git a/sys/net/pfkeyv2.c b/sys/net/pfkeyv2.c index 3344dfc9443..2a89e834fcc 100644 --- a/sys/net/pfkeyv2.c +++ b/sys/net/pfkeyv2.c @@ -1,4 +1,4 @@ -/* $OpenBSD: pfkeyv2.c,v 1.194 2019/01/13 14:31:55 mpi Exp $ */ +/* $OpenBSD: pfkeyv2.c,v 1.195 2019/02/01 13:29:48 mpi Exp $ */ /* * @(#)COPYRIGHT 1.1 (NRL) 17 January 1995 @@ -2041,12 +2041,16 @@ ret: seen |= (1LL << i); if ((seen & sadb_exts_allowed_out[smsg->sadb_msg_type]) - != seen) + != seen) { + rval = EPERM; goto realret; + } if ((seen & sadb_exts_required_out[smsg->sadb_msg_type]) != - sadb_exts_required_out[smsg->sadb_msg_type]) + sadb_exts_required_out[smsg->sadb_msg_type]) { + rval = EPERM; goto realret; + } } rval = pfkeyv2_sendmessage(headers, mode, so, 0, 0, rdomain); |