summaryrefslogtreecommitdiff
path: root/sbin/isakmpd/ike_phase_1.c
diff options
context:
space:
mode:
Diffstat (limited to 'sbin/isakmpd/ike_phase_1.c')
-rw-r--r--sbin/isakmpd/ike_phase_1.c35
1 files changed, 26 insertions, 9 deletions
diff --git a/sbin/isakmpd/ike_phase_1.c b/sbin/isakmpd/ike_phase_1.c
index c6d81ed6875..4d7fba808e3 100644
--- a/sbin/isakmpd/ike_phase_1.c
+++ b/sbin/isakmpd/ike_phase_1.c
@@ -1,5 +1,5 @@
-/* $OpenBSD: ike_phase_1.c,v 1.7 1999/08/26 22:27:51 niklas Exp $ */
-/* $EOM: ike_phase_1.c,v 1.8 1999/08/18 00:44:55 angelos Exp $ */
+/* $OpenBSD: ike_phase_1.c,v 1.8 1999/10/01 14:07:42 niklas Exp $ */
+/* $EOM: ike_phase_1.c,v 1.11 1999/09/29 22:05:38 ho Exp $ */
/*
* Copyright (c) 1999 Niklas Hallqvist. All rights reserved.
@@ -1097,14 +1097,19 @@ attribute_unacceptable (u_int16_t type, u_int8_t *value, u_int16_t len,
case IKE_ATTR_PRF:
str = conf_get_str (xf->field, tag);
if (!str)
- /* This attribute does not exist in this policy. */
- return 1;
+ {
+ /* This attribute does not exist in this policy. */
+ log_print ("attribute_unacceptable: attr %s does not exist in %s",
+ tag, xf->field);
+ return 1;
+ }
map = constant_link_lookup (ike_attr_cst, type);
if (!map)
return 1;
- if (constant_value (map, str) == decode_16 (value))
+ if ((constant_value (map, str) == decode_16 (value)) ||
+ (!strcmp (str, "ANY")))
{
/* Mark this attribute as seen. */
node = malloc (sizeof *node);
@@ -1118,6 +1123,7 @@ attribute_unacceptable (u_int16_t type, u_int8_t *value, u_int16_t len,
LIST_INSERT_HEAD (&vs->attrs, node, link);
return 0;
}
+ log_print ("attribute_unacceptable: got %s, expected %s", map, str);
return 1;
case IKE_ATTR_GROUP_PRIME:
@@ -1130,11 +1136,17 @@ attribute_unacceptable (u_int16_t type, u_int8_t *value, u_int16_t len,
case IKE_ATTR_LIFE_TYPE:
case IKE_ATTR_LIFE_DURATION:
+ if (!strcmp (conf_get_str (xf->field, "Life"), "ANY"))
+ return 0;
+
rv = 1;
life_conf = conf_get_list (xf->field, "Life");
if (!life_conf)
- /* Life attributes given, but not in our policy. */
- return 1;
+ {
+ /* Life attributes given, but not in our policy. */
+ log_print ("attribute_unacceptable: received unexpected life attribute");
+ return 1;
+ }
/*
* Each lifetime type must match, otherwise we turn the proposal down.
@@ -1179,8 +1191,13 @@ attribute_unacceptable (u_int16_t type, u_int8_t *value, u_int16_t len,
rv = 1;
goto bail_out;
}
- rv = !conf_match_num (vs->life, "LIFE_DURATION",
- len == 4 ? decode_32 (value) : decode_16 (value));
+
+ if (!strcmp (conf_get_str (vs->life, "LIFE_DURATION"), "ANY"))
+ rv = 0;
+ else
+ rv = !conf_match_num (vs->life, "LIFE_DURATION",
+ len == 4 ? decode_32 (value) :
+ decode_16 (value));
free (vs->life);
vs->life = 0;
break;