summaryrefslogtreecommitdiff
path: root/usr/src/uts/common
diff options
context:
space:
mode:
Diffstat (limited to 'usr/src/uts/common')
-rw-r--r--usr/src/uts/common/inet/ip/sadb.c4
-rw-r--r--usr/src/uts/common/net/pfkeyv2.h3
2 files changed, 5 insertions, 2 deletions
diff --git a/usr/src/uts/common/inet/ip/sadb.c b/usr/src/uts/common/inet/ip/sadb.c
index b56f09d029..a45f69c19e 100644
--- a/usr/src/uts/common/inet/ip/sadb.c
+++ b/usr/src/uts/common/inet/ip/sadb.c
@@ -4468,7 +4468,9 @@ sadb_check_kmc(ipsa_query_t *sq, ipsa_t *sa, int *diagnostic)
return (EINVAL);
}
- if ((kmc != 0) && (sa->ipsa_kmc != 0) && (sa->ipsa_kmc != kmc)) {
+ /* Allow IKEv2 KMCs to update the kmc value for rekeying */
+ if ((kmp != SADB_X_KMP_IKEV2) && (kmc != 0) && (sa->ipsa_kmc != 0) &&
+ (sa->ipsa_kmc != kmc)) {
*diagnostic = SADB_X_DIAGNOSTIC_DUPLICATE_KMC;
return (EINVAL);
}
diff --git a/usr/src/uts/common/net/pfkeyv2.h b/usr/src/uts/common/net/pfkeyv2.h
index 741de5007d..909c73414a 100644
--- a/usr/src/uts/common/net/pfkeyv2.h
+++ b/usr/src/uts/common/net/pfkeyv2.h
@@ -841,8 +841,9 @@ typedef struct sadb_x_edump {
#define SADB_X_KMP_MANUAL 0 /* Cookie is ignored. */
#define SADB_X_KMP_IKE 1
#define SADB_X_KMP_KINK 2
+#define SADB_X_KMP_IKEV2 3
-#define SADB_X_KMP_MAX 2
+#define SADB_X_KMP_MAX 3
/*
* Handy conversion macros. Not part of the PF_KEY spec...
generated by cgit v1.2.3 (git 2.39.1) at 2025-06-26 12:09:41 +0000