From: jan <jan@openbsd.org>
Date: Mon, 15 Jan 2024 21:37:58 +0000 (+0000)
Subject: Add debug message for no policy found.
X-Git-Url: http://artulab.com/gitweb/?a=commitdiff_plain;h=66dcd64f3258582e68199a3e17b5bd3efdbab91f;p=openbsd

Add debug message for no policy found.

In this case iked would just silently drop incomming connections.
Thus, the user has a chance to figure out whats going on.

ok tobhe@
---

diff --git a/sbin/iked/ikev2.c b/sbin/iked/ikev2.c
index e8eefdbcc5b..27f246c3a21 100644
--- a/sbin/iked/ikev2.c
+++ b/sbin/iked/ikev2.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: ikev2.c,v 1.381 2024/01/15 15:29:00 tobhe Exp $	*/
+/*	$OpenBSD: ikev2.c,v 1.382 2024/01/15 21:37:58 jan Exp $	*/
 
 /*
  * Copyright (c) 2019 Tobias Heider <tobias.heider@stusta.de>
@@ -657,6 +657,7 @@ ikev2_recv(struct iked *env, struct iked_message *msg)
 	    initiator);
 	msg->msg_msgid = betoh32(hdr->ike_msgid);
 	if (policy_lookup(env, msg, NULL, NULL, 0) != 0) {
+		log_debug("%s: no compatible policy found", __func__);
 		ikestat_inc(env, ikes_msg_rcvd_dropped);
 		return;
 	}