From 16b13f1c5161dc4e740cf2ff1620dd1f58ef321c Mon Sep 17 00:00:00 2001 From: Hakan Olsson Date: Mon, 23 Aug 2004 11:53:25 +0000 Subject: We need to set sa->initiator before checking if the newly created SA replaces an old one, or the id_i/id_r check will mismatch. Previous behaviour was mostly harmless, but wasted some resources (until normal SA expiration). hshoexer@ "haven't tried, but think it's ok" --- sbin/isakmpd/exchange.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'sbin/isakmpd') diff --git a/sbin/isakmpd/exchange.c b/sbin/isakmpd/exchange.c index 2deec9cc793..bf698eb5e95 100644 --- a/sbin/isakmpd/exchange.c +++ b/sbin/isakmpd/exchange.c @@ -1,4 +1,4 @@ -/* $OpenBSD: exchange.c,v 1.102 2004/08/10 15:59:10 ho Exp $ */ +/* $OpenBSD: exchange.c,v 1.103 2004/08/23 11:53:24 ho Exp $ */ /* $EOM: exchange.c,v 1.143 2000/12/04 00:02:25 angelos Exp $ */ /* @@ -1399,6 +1399,7 @@ exchange_finalize(struct message *msg) * Locate any old SAs and mark them replaced * (SA_FLAG_REPLACED). */ + sa->initiator = exchange->initiator; while ((old_sa = sa_find(exchange_check_old_sa, sa)) != 0) sa_mark_replaced(old_sa); -- cgit v1.2.3