Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
===================================================================
RCS file: /ftp/cvs/cvsroot/src/crypto/dist/ipsec-tools/src/racoon/isakmp.c,v
retrieving revision 1.20.6.11
retrieving revision 1.20.6.12
diff -c -p -r1.20.6.11 -r1.20.6.12
*** src/crypto/dist/ipsec-tools/src/racoon/isakmp.c 2008/07/11 08:08:41 1.20.6.11
--- src/crypto/dist/ipsec-tools/src/racoon/isakmp.c 2008/08/12 12:47:07 1.20.6.12
***************
*** 1,4 ****
! /* $NetBSD: isakmp.c,v 1.20.6.11 2008/07/11 08:08:41 tteras Exp $ */
/* Id: isakmp.c,v 1.74 2006/05/07 21:32:59 manubsd Exp */
--- 1,4 ----
! /* $NetBSD: isakmp.c,v 1.20.6.12 2008/08/12 12:47:07 vanhu Exp $ */
/* Id: isakmp.c,v 1.74 2006/05/07 21:32:59 manubsd Exp */
*************** ph1_main(iph1, msg)
*** 798,817 ****
[iph1->side]
[iph1->status])(iph1, msg);
if (error != 0) {
! #if 0
/* XXX
* When an invalid packet is received on phase1, it should
* be selected to process this packet. That is to respond
* with a notify and delete phase 1 handler, OR not to respond
! * and keep phase 1 handler.
*/
! plog(LLV_ERROR, LOCATION, iph1->remote,
! "failed to pre-process packet.\n");
! return -1;
! #else
! /* ignore the error and keep phase 1 handler */
! return 0;
! #endif
}
#ifndef ENABLE_FRAG
--- 798,821 ----
[iph1->side]
[iph1->status])(iph1, msg);
if (error != 0) {
!
/* XXX
* When an invalid packet is received on phase1, it should
* be selected to process this packet. That is to respond
* with a notify and delete phase 1 handler, OR not to respond
! * and keep phase 1 handler. However, in PHASE1ST_START when
! * acting as RESPONDER we must not keep phase 1 handler or else
! * it will stay forever.
*/
!
! if (iph1->side == RESPONDER && iph1->status == PHASE1ST_START) {
! plog(LLV_ERROR, LOCATION, iph1->remote,
! "failed to pre-process packet.\n");
! return -1;
! } else {
! /* ignore the error and keep phase 1 handler */
! return 0;
! }
}
#ifndef ENABLE_FRAG
