Group :: Security/Networking
RPM: ipsec-tools
Navigation
Main Changelog Spec Patches Sources Download Gear Bugs and FR Repocop
Patch: ipsec-tools-0.6.7-rh-0.6.5-pre6.patch
Download
Download
--- ipsec-tools-0.6.7/src/racoon/ipsec_doi.c.pre6 2008-08-27 21:35:52 +1100
+++ ipsec-tools-0.6.7/src/racoon/ipsec_doi.c 2008-08-27 21:35:52 +1100
@@ -2704,7 +2704,7 @@ setph1attr(sa, buf)
attrlen += sizeof(struct isakmp_data)
+ sizeof(struct isakmp_data);
if (sa->lifetime > 0xffff)
- attrlen += sizeof(u_int32_t);
+ attrlen += sizeof(lifetime);
if (buf) {p = isakmp_set_attr_l(p, OAKLEY_ATTR_SA_LD_TYPE,
OAKLEY_ATTR_SA_LD_TYPE_SEC);
--- ipsec-tools-0.6.7/src/racoon/isakmp.c.pre6 2008-08-27 21:35:52 +1100
+++ ipsec-tools-0.6.7/src/racoon/isakmp.c 2008-08-27 21:35:52 +1100
@@ -247,18 +247,6 @@ isakmp_handler(so_isakmp)
if ((len = recvfrom(so_isakmp, (char *)&isakmp, sizeof(isakmp),
0, (struct sockaddr *)&remote, &remote_len)) < 0) {plog(LLV_ERROR, LOCATION, NULL,
- "failed to receive isakmp packet\n");
- }
- goto end;
- }
-
- /* reject it if the size is tooooo big. */
- if (ntohl(isakmp.len) > 0xffff) {- plog(LLV_ERROR, LOCATION, NULL,
- "the length of the isakmp header is too big.\n");
- if ((len = recvfrom(so_isakmp, (char *)&isakmp, sizeof(isakmp),
- 0, (struct sockaddr *)&remote, &remote_len)) < 0) {- plog(LLV_ERROR, LOCATION, NULL,
"failed to receive isakmp packet: %s\n",
strerror (errno));
}