diff options
| author |   tobhe <tobhe@openbsd.org> | 2020-11-16 12:59:20 +0000 |
|---|---|---|
| committer | tobhe <tobhe@openbsd.org> | 2020-11-16 12:59:20 +0000 |
| commit | b4666c21567cc71f6ee0f30f32f42daef9034776 (patch) | |
| tree | b38192c95631a4543da269a4abe4436e86624eb0 | |
| parent | Remove Case2 goto, use a simple if () instead. (diff) | |
| download | wireguard-openbsd-b4666c21567cc71f6ee0f30f32f42daef9034776.tar.xz wireguard-openbsd-b4666c21567cc71f6ee0f30f32f42daef9034776.zip | |
Backout ikev2_init_auth() return check to fix regression with
certificate authentication.
Reported by Mark Patruck <mark (at) wrapped (dot) cx>
| -rw-r--r-- | sbin/iked/ikev2.c | 10 |
1 files changed, 2 insertions, 8 deletions
diff --git a/sbin/iked/ikev2.c b/sbin/iked/ikev2.c index 989cce5dd22..65ad2a2e9c6 100644 --- a/sbin/iked/ikev2.c +++ b/sbin/iked/ikev2.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ikev2.c,v 1.281 2020/11/14 20:14:07 tobhe Exp $ */ +/* $OpenBSD: ikev2.c,v 1.282 2020/11/16 12:59:20 tobhe Exp $ */ /* * Copyright (c) 2019 Tobias Heider <tobias.heider@stusta.de> @@ -1086,13 +1086,7 @@ ikev2_init_recv(struct iked *env, struct iked_message *msg, if (ikev2_handle_certreq(env, msg) != 0) return; - if (ikev2_init_auth(env, msg) != 0) { - ikev2_ike_sa_setreason(sa, - "failed to initiate IKE_AUTH exchange"); - sa_state(env, sa, IKEV2_STATE_CLOSED); - msg->msg_sa = NULL; - return; - } + (void)ikev2_init_auth(env, msg); break; case IKEV2_EXCHANGE_IKE_AUTH: if (msg->msg_flags & IKED_MSG_FLAGS_AUTHENTICATION_FAILED) { |