d/freebsd-skq
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Fix broken window replay check that will allow old packet to be accepted.

Browse Source 
This was introduced in r309144.

Submitted by:	Jean-Francois HREN <jean-francois.hren@stormshield.eu>
Approved by:	ae@
MFC after:	3 days
This commit is contained in:
Fabien Thomas 2019-09-06 14:30:23 +00:00
parent e57b2d0e51
commit d5f39c34a6
1 changed files with 2 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
sys/netipsec/ipsec.c
View File

@ -1323,6 +1323,8 @@ ipsec_updatereplay(uint32_t seq, struct secasvar *sav)
__func__, replay->overflow,
ipsec_sa2str(sav, buf, sizeof(buf))));
}
replay->count++;
return (0);
}