diff options
| author |   markus <markus@openbsd.org> | 2014-01-24 07:30:48 +0000 |
|---|---|---|
| committer | markus <markus@openbsd.org> | 2014-01-24 07:30:48 +0000 |
| commit | c4eac93a9824850c5371cd0ea375015ae10f239c (patch) | |
| tree | 1d9113f1189f20ead17dafcfd6546678121a2068 | |
| parent | don't leak prv RSA key for each signature; ok mikeb (diff) | |
| download | wireguard-openbsd-c4eac93a9824850c5371cd0ea375015ae10f239c.tar.xz wireguard-openbsd-c4eac93a9824850c5371cd0ea375015ae10f239c.zip | |
make sure sa_lookup() can actually find SAs; ok mikeb
| -rw-r--r-- | sbin/iked/policy.c | 8 |
1 files changed, 5 insertions, 3 deletions
diff --git a/sbin/iked/policy.c b/sbin/iked/policy.c index 76d7bc7ccd4..bdaf00eb92f 100644 --- a/sbin/iked/policy.c +++ b/sbin/iked/policy.c @@ -1,4 +1,4 @@ -/* $OpenBSD: policy.c,v 1.27 2013/12/03 13:55:40 markus Exp $ */ +/* $OpenBSD: policy.c,v 1.28 2014/01/24 07:30:48 markus Exp $ */ /* * Copyright (c) 2010-2013 Reyk Floeter <reyk@openbsd.org> @@ -450,8 +450,10 @@ sa_lookup(struct iked *env, u_int64_t ispi, u_int64_t rspi, static __inline int sa_cmp(struct iked_sa *a, struct iked_sa *b) { - if (a->sa_hdr.sh_initiator != b->sa_hdr.sh_initiator) - return (-2); + if (a->sa_hdr.sh_initiator > b->sa_hdr.sh_initiator) + return (-1); + if (a->sa_hdr.sh_initiator < b->sa_hdr.sh_initiator) + return (1); if (a->sa_hdr.sh_ispi > b->sa_hdr.sh_ispi) return (-1); |