From cd48d883bd9c3b2dc3ef294215deab09e3824215 Mon Sep 17 00:00:00 2001 From: "Andrey V. Elsukov" Date: Fri, 3 Nov 2017 11:33:13 +0000 Subject: [PATCH] Use correct pointer in key_updateaddresses() when updating NAT-T config. key_updateaddresses() is used to update SA addresses and NAT-T configuration in SADB_UPDATE message. This is done using cloning SA content from old SA into new one. But addresses and NAT-T configuration are taking from SADB_UPDATE message. Use newsa pointer to set NAT-T properties into cloned SA. PR: 223382 MFC after: 1 week --- sys/netipsec/key.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/sys/netipsec/key.c b/sys/netipsec/key.c index 7a57a315c87..3c320cec116 100644 --- a/sys/netipsec/key.c +++ b/sys/netipsec/key.c @@ -5100,7 +5100,7 @@ key_updateaddresses(struct socket *so, struct mbuf *m, newsav->natt = NULL; newsav->sah = sah; newsav->state = SADB_SASTATE_MATURE; - error = key_setnatt(sav, mhp); + error = key_setnatt(newsav, mhp); if (error != 0) goto fail;