From bd592e6e99d8e1203868d1dff3f1173765945dc3 Mon Sep 17 00:00:00 2001 From: manu Date: Fri, 20 May 2005 07:34:47 +0000 Subject: [PATCH] Really delete phase 1 on Xauth failure --- crypto/dist/ipsec-tools/ChangeLog | 3 +++ crypto/dist/ipsec-tools/src/racoon/isakmp_xauth.c | 4 ++-- 2 files changed, 5 insertions(+), 2 deletions(-) diff --git a/crypto/dist/ipsec-tools/ChangeLog b/crypto/dist/ipsec-tools/ChangeLog index 94defdc17b86..eae860a80ea1 100644 --- a/crypto/dist/ipsec-tools/ChangeLog +++ b/crypto/dist/ipsec-tools/ChangeLog @@ -1,5 +1,8 @@ 2005-05-20 Emmanuel Dreyfus + From Mike Robinson + * src/racoon/isakmp_xauth.c: really delete phase 1 on Xauth failure + * src/libipsec/pfkey.c src/racoon/ipsec_doi.c: Fix NAT-T + IPcomp From hgates diff --git a/crypto/dist/ipsec-tools/src/racoon/isakmp_xauth.c b/crypto/dist/ipsec-tools/src/racoon/isakmp_xauth.c index f804395f9664..4314f42fb66b 100644 --- a/crypto/dist/ipsec-tools/src/racoon/isakmp_xauth.c +++ b/crypto/dist/ipsec-tools/src/racoon/isakmp_xauth.c @@ -1,4 +1,4 @@ -/* $NetBSD: isakmp_xauth.c,v 1.1.1.4 2005/03/16 23:52:55 manu Exp $ */ +/* $NetBSD: isakmp_xauth.c,v 1.2 2005/05/20 07:34:47 manu Exp $ */ /* Id: isakmp_xauth.c,v 1.17.2.3 2005/03/16 00:13:38 manubsd Exp */ @@ -915,7 +915,7 @@ isakmp_xauth_set(iph1, attr) EVT_PUSH(iph1->local, iph1->remote, EVTT_XAUTH_FAILED, NULL); - iph1->mode_cfg->flags &= ISAKMP_CFG_DELETE_PH1; + iph1->mode_cfg->flags |= ISAKMP_CFG_DELETE_PH1; } else { EVT_PUSH(iph1->local, iph1->remote, EVTT_XAUTH_SUCCESS, NULL);