From 090873a31881d0222489bfd38cdbad4b28b350b4 Mon Sep 17 00:00:00 2001 From: Mike Belopuhov Date: Thu, 30 Sep 2010 12:54:25 +0000 Subject: check that there are transforms in the proposal before trying to actually parse it. ok reyk --- sbin/iked/ikev2_pld.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/sbin/iked/ikev2_pld.c b/sbin/iked/ikev2_pld.c index 72857a122dc..a777843b638 100644 --- a/sbin/iked/ikev2_pld.c +++ b/sbin/iked/ikev2_pld.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ikev2_pld.c,v 1.15 2010/09/22 09:12:18 mikeb Exp $ */ +/* $OpenBSD: ikev2_pld.c,v 1.16 2010/09/30 12:54:24 mikeb Exp $ */ /* $vantronix: ikev2.c,v 1.101 2010/06/03 07:57:33 reyk Exp $ */ /* @@ -275,7 +275,8 @@ ikev2_pld_sa(struct iked *env, struct ikev2_payload *pld, /* * Parse the attached transforms */ - if (ikev2_pld_xform(env, &sap, msg, offset) != 0) { + if (sap.sap_transforms && + ikev2_pld_xform(env, &sap, msg, offset) != 0) { log_debug("%s: invalid proposal transforms", __func__); return (-1); } -- cgit v1.2.3