From Arnaud Ebalard: Better matching of SPD entries in getsp_r().
This commit is contained in:
vanhu
parent
cd8d63d79e
commit
70597b6cab
10
crypto/dist/ipsec-tools/src/racoon/policy.c
vendored
10
crypto/dist/ipsec-tools/src/racoon/policy.c
vendored
@ -1,4 +1,4 @@
|
||||
/* $NetBSD: policy.c,v 1.7 2007/07/18 12:07:52 vanhu Exp $ */
|
||||
/* $NetBSD: policy.c,v 1.8 2007/11/09 16:27:47 vanhu Exp $ */
|
||||
|
||||
/* $KAME: policy.c,v 1.46 2001/11/16 04:08:10 sakane Exp $ */
|
||||
|
||||
@ -91,13 +91,17 @@ getsp_r(spidx)
|
||||
struct policyindex *spidx;
|
||||
{
|
||||
struct secpolicy *p;
|
||||
struct secpolicy *found = NULL;
|
||||
|
||||
for (p = TAILQ_FIRST(&sptree); p; p = TAILQ_NEXT(p, chain)) {
|
||||
if (!cmpspidxwild(spidx, &p->spidx))
|
||||
if (!cmpspidxstrict(spidx, &p->spidx))
|
||||
return p;
|
||||
|
||||
if (!found && !cmpspidxwild(spidx, &p->spidx))
|
||||
found = p;
|
||||
}
|
||||
|
||||
return NULL;
|
||||
return found;
|
||||
}
|
||||
#else
|
||||
struct secpolicy *
|
||||
|
||||
Loading…
Reference in New Issue
Block a user