diff options
| author |   mcbride <mcbride@openbsd.org> | 2006-05-28 02:22:34 +0000 |
|---|---|---|
| committer | mcbride <mcbride@openbsd.org> | 2006-05-28 02:22:34 +0000 |
| commit | 94ddfd9f44baded7fd85c8195c9ccd11d1c0bb07 (patch) | |
| tree | 40452128bafca7665d2eb8fb034db839a7997cce | |
| parent | new field at end of struct, discussed with theo (diff) | |
| download | wireguard-openbsd-94ddfd9f44baded7fd85c8195c9ccd11d1c0bb07.tar.xz wireguard-openbsd-94ddfd9f44baded7fd85c8195c9ccd11d1c0bb07.zip | |
Change the default replay window for SAs created by the isakmpd responder
to be DEFAULT_REPLAY_WINDOW instead of zero. The default replay window is
then the same for both initiator and receiver.
Fix from nathanael at polymorpheous dot com.
ok hshoexer@
| -rw-r--r-- | sbin/isakmpd/ipsec.c | 7 |
1 files changed, 4 insertions, 3 deletions
diff --git a/sbin/isakmpd/ipsec.c b/sbin/isakmpd/ipsec.c index 9906909017c..445744919b1 100644 --- a/sbin/isakmpd/ipsec.c +++ b/sbin/isakmpd/ipsec.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ipsec.c,v 1.122 2005/09/23 14:44:03 hshoexer Exp $ */ +/* $OpenBSD: ipsec.c,v 1.123 2006/05/28 02:22:34 mcbride Exp $ */ /* $EOM: ipsec.c,v 1.143 2000/12/11 23:57:42 niklas Exp $ */ /* @@ -2077,8 +2077,9 @@ ipsec_proto_init(struct proto *proto, char *section) struct ipsec_proto *iproto = proto->data; if (proto->sa->phase == 2 && section) - iproto->replay_window = conf_get_num(section, "ReplayWindow", - DEFAULT_REPLAY_WINDOW); + iproto->replay_window = section ? conf_get_num(section, + "ReplayWindow", DEFAULT_REPLAY_WINDOW) : + DEFAULT_REPLAY_WINDOW; } /* |