AMajor/SoftEtherVPN
1
0
Fork 0
mirror of https://github.com/SoftEtherVPN/SoftEtherVPN.git synced 2025-07-07 00:04:57 +03:00
Code Releases Activity

Cedar: add "DisableIPsecAggressiveMode" option

Browse Source 
Setting it to "true" mitigates CVE-2002-1623.
This commit is contained in:
Daiyuu Nobori
2019-11-18 06:13:21 +01:00
committed by Davide Beatrici
parent 4acd7ab98e
commit 76c330e74b
3 changed files with 10 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
src/Cedar/Proto_IKE.c
View File

@ -38,7 +38,10 @@ void ProcIKEPacketRecv(IKE_SERVER *ike, UDPPACKET *p)
break;
case IKE_EXCHANGE_TYPE_AGGRESSIVE: // Aggressive mode
ProcIkeAggressiveModePacketRecv(ike, p, header);
if (ike->Cedar->Server->DisableIPsecAggressiveMode == false)
{
ProcIkeAggressiveModePacketRecv(ike, p, header);
}
break;
case IKE_EXCHANGE_TYPE_QUICK: // Quick mode