diff options
| author |   tobhe <tobhe@openbsd.org> | 2020-11-23 19:20:08 +0000 |
|---|---|---|
| committer | tobhe <tobhe@openbsd.org> | 2020-11-23 19:20:08 +0000 |
| commit | 0348a920e02c0cb1d16337345ee795b6b915fdde (patch) | |
| tree | 21bb895840dbf0bc6cdb6b91d642857379e6b807 | |
| parent | mapalign() only handles allocations >= a page; problem found by and ok semarie@ (diff) | |
| download | wireguard-openbsd-0348a920e02c0cb1d16337345ee795b6b915fdde.tar.xz wireguard-openbsd-0348a920e02c0cb1d16337345ee795b6b915fdde.zip | |
Ignore duplicate sigsha2 notify, don't fail the exchange.
| -rw-r--r-- | sbin/iked/ikev2_pld.c | 14 |
1 files changed, 9 insertions, 5 deletions
diff --git a/sbin/iked/ikev2_pld.c b/sbin/iked/ikev2_pld.c index d1daf1b2689..47c7d68af92 100644 --- a/sbin/iked/ikev2_pld.c +++ b/sbin/iked/ikev2_pld.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ikev2_pld.c,v 1.112 2020/11/22 17:47:50 tobhe Exp $ */ +/* $OpenBSD: ikev2_pld.c,v 1.113 2020/11/23 19:20:08 tobhe Exp $ */ /* * Copyright (c) 2019 Tobias Heider <tobias.heider@stusta.de> @@ -1298,12 +1298,16 @@ ikev2_pld_notify(struct iked *env, struct ikev2_payload *pld, __func__); return (-1); } - if (sa == NULL || - sa->sa_sigsha2) { - log_debug("%s: SIGNATURE_HASH_ALGORITHMS: no SA or " - "duplicate notify", __func__); + if (sa == NULL) { + log_debug("%s: SIGNATURE_HASH_ALGORITHMS: no SA", + __func__); return (-1); } + if (sa->sa_sigsha2) { + log_debug("%s: SIGNATURE_HASH_ALGORITHMS: " + "duplicate notify", __func__); + return (0); + } if (left < sizeof(signature_hash) || left % sizeof(signature_hash)) { log_debug("%s: malformed signature hash notification" |