From d67a5a6b3c07a5b19b1b6657f41bbdb4f4e3a69f Mon Sep 17 00:00:00 2001 From: tobhe Date: Mon, 6 Dec 2021 21:47:27 +0000 Subject: [PATCH] Logging received addresses and DNS configuration only makes sense for the initiator. ok patrick@ --- sbin/iked/ikev2.c | 24 ++++++++++++++++-------- 1 file changed, 16 insertions(+), 8 deletions(-) diff --git a/sbin/iked/ikev2.c b/sbin/iked/ikev2.c index 6ae85f79ae2..4642a43d739 100644 --- a/sbin/iked/ikev2.c +++ b/sbin/iked/ikev2.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ikev2.c,v 1.341 2021/12/04 13:07:17 tobhe Exp $ */ +/* $OpenBSD: ikev2.c,v 1.342 2021/12/06 21:47:27 tobhe Exp $ */ /* * Copyright (c) 2019 Tobias Heider @@ -995,21 +995,14 @@ ikev2_ike_auth_recv(struct iked *env, struct iked_sa *sa, if (msg->msg_cp_addr) { sa->sa_cp_addr = msg->msg_cp_addr; msg->msg_cp_addr = NULL; - log_info("%s: obtained lease: %s", SPI_SA(sa, __func__), - print_host((struct sockaddr *)&sa->sa_cp_addr->addr, NULL, 0)); } if (msg->msg_cp_addr6) { sa->sa_cp_addr6 = msg->msg_cp_addr6; msg->msg_cp_addr6 = NULL; - log_info("%s: obtained lease: %s", SPI_SA(sa, __func__), - print_host((struct sockaddr *)&sa->sa_cp_addr6->addr, NULL, 0)); } if (msg->msg_cp_dns) { sa->sa_cp_dns = msg->msg_cp_dns; msg->msg_cp_dns = NULL; - log_debug("%s: DNS: %s", __func__, - print_host((struct sockaddr *)&sa->sa_cp_dns->addr, - NULL, 0)); } sa->sa_cp = msg->msg_cp; } @@ -1031,6 +1024,21 @@ ikev2_ike_auth_recv(struct iked *env, struct iked_sa *sa, return (-1); } + if (sa->sa_cp == IKEV2_CP_REPLY) { + if (sa->sa_cp_addr) + log_info("%s: obtained lease: %s", SPI_SA(sa, __func__), + print_host((struct sockaddr *)&sa->sa_cp_addr->addr, + NULL, 0)); + if (sa->sa_cp_addr6) + log_info("%s: obtained lease: %s", SPI_SA(sa, __func__), + print_host((struct sockaddr *)&sa->sa_cp_addr6->addr, + NULL, 0)); + if (sa->sa_cp_dns) + log_info("%s: obtained DNS: %s", SPI_SA(sa, __func__), + print_host((struct sockaddr *)&sa->sa_cp_dns->addr, + NULL, 0)); + } + return ikev2_ike_auth(env, sa); } -- 2.20.1