network_cmds-176.3.1.tar.gz

[apple/network_cmds.git] / racoon.tproj / isakmp.c

diff --git a/racoon.tproj/isakmp.c b/racoon.tproj/isakmp.c
index 218f3ddc02123e876febbdb919a7cd220325c8d1..0f6b38bd5305f0473fdcf47213b1b966ca840d69 100644 (file)
--- a/racoon.tproj/isakmp.c
+++ b/racoon.tproj/isakmp.c
@@ -181,6 +181,18 @@ isakmp_handler(so_isakmp)
                plog(LLV_ERROR, LOCATION, (struct sockaddr *)&remote,
                        "packet shorter than isakmp header size.\n");
                /* dummy receive */
+               if ((len = recvfrom(so_isakmp, (char *)&isakmp, sizeof(isakmp),
+                               0, (struct sockaddr *)&remote, &remote_len)) < 0) {
+                       plog(LLV_ERROR, LOCATION, NULL,
+                               "failed to receive isakmp packet\n");
+               }
+               goto end;
+       }
+       
+       /* reject if the size is toooo big */
+       if (ntohl(isakmp.len) > 0xffff) {
+               plog(LLV_ERROR, LOCATION, NULL,
+                       "the length of the isakmp header is too big.\n");
                if ((len = recvfrom(so_isakmp, (char *)&isakmp, sizeof(isakmp),
                            0, (struct sockaddr *)&remote, &remote_len)) < 0) {
                        plog(LLV_ERROR, LOCATION, NULL,