projects / strongswan.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 791fde1) | patch
libipsec: check for a policy with the reqid of the SA on decapsulation
authorMartin Willi <martin@revosec.ch>
Wed, 4 Sep 2013 15:12:23 +0000 (17:12 +0200)
committerMartin Willi <martin@revosec.ch>
Fri, 13 Sep 2013 11:56:43 +0000 (13:56 +0200)
commit96136a12298e0804e8bd5f5b2d2d68e508da9810
treed872b7946604db44b7bf9994144cf72ad769c88atree | snapshot
parent791fde166998fa1f48c837576ec155e38bcdd1becommit | diff
libipsec: check for a policy with the reqid of the SA on decapsulation

To prevent a client from sending a packet with a source address of a different
client, we require a policy bound via reqid to the decapsulating SA.
src/libipsec/ipsec_policy_mgr.c diff | blob | history
src/libipsec/ipsec_policy_mgr.h diff | blob | history
src/libipsec/ipsec_processor.c diff | blob | history
strongSwan - IPsec VPN