Do not silently return if extensions do not match the filters.

ok bluhm@, visa@
author: mpi <mpi@openbsd.org> 2019-02-01 13:29:48 +0000
committer: mpi <mpi@openbsd.org> 2019-02-01 13:29:48 +0000
commit: 01ffbac9125b64b7115aff3d37b9001c16cba903 (patch)
tree: a29d7519942da2eeaa83aa6966b205f469e3141a
parent: Print xhci version in hex, from sc.dying at gmail. (diff)
download: wireguard-openbsd-01ffbac9125b64b7115aff3d37b9001c16cba903.tar.xz
wireguard-openbsd-01ffbac9125b64b7115aff3d37b9001c16cba903.zip
1 files changed, 7 insertions, 3 deletions
diff --git a/sys/net/pfkeyv2.c b/sys/net/pfkeyv2.c
index 3344dfc9443..2a89e834fcc 100644
--- a/sys/net/pfkeyv2.c
+++ b/sys/net/pfkeyv2.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: pfkeyv2.c,v 1.194 2019/01/13 14:31:55 mpi Exp $ */
+/* $OpenBSD: pfkeyv2.c,v 1.195 2019/02/01 13:29:48 mpi Exp $ */
 
 /*
  *	@(#)COPYRIGHT	1.1 (NRL) 17 January 1995
@@ -2041,12 +2041,16 @@ ret:
 				seen |= (1LL << i);
 
 		if ((seen & sadb_exts_allowed_out[smsg->sadb_msg_type])
-		    != seen)
+		    != seen) {
+		    	rval = EPERM;
 			goto realret;
+		}
 
 		if ((seen & sadb_exts_required_out[smsg->sadb_msg_type]) !=
-		    sadb_exts_required_out[smsg->sadb_msg_type])
+		    sadb_exts_required_out[smsg->sadb_msg_type]) {
+		    	rval = EPERM;
 			goto realret;
+		}
 	}
 
 	rval = pfkeyv2_sendmessage(headers, mode, so, 0, 0, rdomain);
author	mpi <mpi@openbsd.org>	2019-02-01 13:29:48 +0000
committer	mpi <mpi@openbsd.org>	2019-02-01 13:29:48 +0000
commit	01ffbac9125b64b7115aff3d37b9001c16cba903 (patch)
tree	a29d7519942da2eeaa83aa6966b205f469e3141a
parent	Print xhci version in hex, from sc.dying at gmail. (diff)
download	wireguard-openbsd-01ffbac9125b64b7115aff3d37b9001c16cba903.tar.xz wireguard-openbsd-01ffbac9125b64b7115aff3d37b9001c16cba903.zip