Author: Antonio Borneo
Date: Tue Nov 8 16:52:53 2011
New Revision: 469
Log:
Stefan Seyfried <seife+obs@b1-systems.com>
Fix lifetime issue on Fritz!Box.
port to trunk commit 468
Modified:
trunk/vpnc.c
Modified: trunk/vpnc.c
==============================================================================
--- trunk/vpnc.c (original)
+++ trunk/vpnc.c Tue Nov 8 16:52:53 2011
@@ -1161,8 +1161,11 @@
value = a->next->u.attr_16;
else if (a->next->af == isakmp_attr_lots && a->next->u.lots.length == 4)
value = ntohl(*((uint32_t *) a->next->u.lots.data));
- else
- assert(0);
+ else {
+ DEBUG(2, printf("got unknown ike lifetime attributes af %d len %d\n",
+ a->next->af, a->next->u.lots.length));
+ return;
+ }
DEBUG(2, printf("got ike lifetime attributes: %d %s\n", value,
(a->u.attr_16 == IKE_LIFE_TYPE_SECONDS) ? "seconds" : "kilobyte"));
@@ -1595,6 +1598,19 @@
seen_natd_them = 1;
}
break;
+ case ISAKMP_PAYLOAD_N:
+ if (rp->u.n.type == ISAKMP_N_IPSEC_RESPONDER_LIFETIME) {
+ if (rp->u.n.protocol == ISAKMP_IPSEC_PROTO_ISAKMP)
+ lifetime_ike_process(s, rp->u.n.attributes);
+ else if (rp->u.n.protocol == ISAKMP_IPSEC_PROTO_IPSEC_ESP)
+ lifetime_ipsec_process(s, rp->u.n.attributes);
+ else
+ DEBUG(2, printf("got unknown lifetime notice, ignoring..\n"));
+ } else {
+ DEBUG(1, printf("rejecting ISAKMP_PAYLOAD_N, type is not lifetime\n"));
+ reject = ISAKMP_N_INVALID_PAYLOAD_TYPE;
+ }
+ break;
default:
DEBUG(1, printf("rejecting invalid payload type %d\n", rp->type));
reject = ISAKMP_N_INVALID_PAYLOAD_TYPE;
_______________________________________________
vpnc-devel mailing list
vpnc-devel@unix-ag.uni-kl.de
https://lists.unix-ag.uni-kl.de/mailman/listinfo/vpnc-devel
http://www.unix-ag.uni-kl.de/~massar/vpnc/
Date: Tue Nov 8 16:52:53 2011
New Revision: 469
Log:
Stefan Seyfried <seife+obs@b1-systems.com>
Fix lifetime issue on Fritz!Box.
port to trunk commit 468
Modified:
trunk/vpnc.c
Modified: trunk/vpnc.c
==============================================================================
--- trunk/vpnc.c (original)
+++ trunk/vpnc.c Tue Nov 8 16:52:53 2011
@@ -1161,8 +1161,11 @@
value = a->next->u.attr_16;
else if (a->next->af == isakmp_attr_lots && a->next->u.lots.length == 4)
value = ntohl(*((uint32_t *) a->next->u.lots.data));
- else
- assert(0);
+ else {
+ DEBUG(2, printf("got unknown ike lifetime attributes af %d len %d\n",
+ a->next->af, a->next->u.lots.length));
+ return;
+ }
DEBUG(2, printf("got ike lifetime attributes: %d %s\n", value,
(a->u.attr_16 == IKE_LIFE_TYPE_SECONDS) ? "seconds" : "kilobyte"));
@@ -1595,6 +1598,19 @@
seen_natd_them = 1;
}
break;
+ case ISAKMP_PAYLOAD_N:
+ if (rp->u.n.type == ISAKMP_N_IPSEC_RESPONDER_LIFETIME) {
+ if (rp->u.n.protocol == ISAKMP_IPSEC_PROTO_ISAKMP)
+ lifetime_ike_process(s, rp->u.n.attributes);
+ else if (rp->u.n.protocol == ISAKMP_IPSEC_PROTO_IPSEC_ESP)
+ lifetime_ipsec_process(s, rp->u.n.attributes);
+ else
+ DEBUG(2, printf("got unknown lifetime notice, ignoring..\n"));
+ } else {
+ DEBUG(1, printf("rejecting ISAKMP_PAYLOAD_N, type is not lifetime\n"));
+ reject = ISAKMP_N_INVALID_PAYLOAD_TYPE;
+ }
+ break;
default:
DEBUG(1, printf("rejecting invalid payload type %d\n", rp->type));
reject = ISAKMP_N_INVALID_PAYLOAD_TYPE;
_______________________________________________
vpnc-devel mailing list
vpnc-devel@unix-ag.uni-kl.de
https://lists.unix-ag.uni-kl.de/mailman/listinfo/vpnc-devel
http://www.unix-ag.uni-kl.de/~massar/vpnc/