From 128ca073d2431750e6717631d1421547bdc84e5d Mon Sep 17 00:00:00 2001 From: Martin Willi Date: Wed, 21 Mar 2007 07:00:04 +0000 Subject: [PATCH] prevent from initiating to %any --- src/charon/sa/ike_sa.c | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/src/charon/sa/ike_sa.c b/src/charon/sa/ike_sa.c index 6f15ffc..70f6dec 100644 --- a/src/charon/sa/ike_sa.c +++ b/src/charon/sa/ike_sa.c @@ -770,6 +770,13 @@ static status_t initiate(private_ike_sa_t *this, /* if we aren't established/establishing, do so */ apply_config(this, connection, policy); + if (this->other_host->is_anyaddr(this->other_host)) + { + SIG(IKE_UP_START, "initiating IKE_SA"); + SIG(IKE_UP_FAILED, "unable to initiate to %%any"); + return DESTROY_ME; + } + task = (task_t*)ike_init_create(&this->public, TRUE, NULL); this->task_manager->queue_task(this->task_manager, task); task = (task_t*)ike_natd_create(&this->public, TRUE); -- 2.7.4