From b985d824380113e7ef33e539baf40ac46bf948a7 Mon Sep 17 00:00:00 2001 From: yasuoka Date: Fri, 27 Sep 2024 00:38:49 +0000 Subject: [PATCH] Previous pipex.c,v 1.155 was broken if the client was not behind a NAT. ok mvs --- sys/net/pipex.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/sys/net/pipex.c b/sys/net/pipex.c index c1bb5a86bcf..a5e0a49540a 100644 --- a/sys/net/pipex.c +++ b/sys/net/pipex.c @@ -1,4 +1,4 @@ -/* $OpenBSD: pipex.c,v 1.155 2024/07/26 15:45:31 yasuoka Exp $ */ +/* $OpenBSD: pipex.c,v 1.156 2024/09/27 00:38:49 yasuoka Exp $ */ /*- * Copyright (c) 2009 Internet Initiative Japan Inc. @@ -2031,7 +2031,8 @@ pipex_l2tp_input(struct mbuf *m0, int off0, struct pipex_session *session, mtx_enter(&session->pxs_mtx); l2tp_session = &session->proto.l2tp; - if (l2tp_session->ipsecflowinfo != ipsecflowinfo) { + if (l2tp_session->ipsecflowinfo > 0 && + l2tp_session->ipsecflowinfo != ipsecflowinfo) { pipex_session_log(session, LOG_DEBUG, "received message is %s", (ipsecflowinfo != 0)? "from invalid ipsec flow" : -- 2.20.1