authorHans-Joerg Hoexer <hshoexer@cvs.openbsd.org>2005-07-24 10:06:39 +0000
committerHans-Joerg Hoexer <hshoexer@cvs.openbsd.org>2005-07-24 10:06:39 +0000
commit59143c170a048575757d1539bc8035ed7c534bd8 (patch)
treea609e276aa1fb007cd5c1f29e613a97d03340f5d
parent712857991e27f65a2d0ff448c6a600683dbb41b2 (diff)
prepare for combining SAs and flows in one single rule, no functional change
yet.
-rw-r--r--sbin/ipsecctl/ipsecctl.c13
-rw-r--r--sbin/ipsecctl/ipsecctl.h8
-rw-r--r--sbin/ipsecctl/parse.y10
3 files changed, 13 insertions, 18 deletions
diff --git a/sbin/ipsecctl/ipsecctl.c b/sbin/ipsecctl/ipsecctl.c
index 0e668ab8ecc..5a991178941 100644
--- a/sbin/ipsecctl/ipsecctl.c
+++ b/sbin/ipsecctl/ipsecctl.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ipsecctl.c,v 1.18 2005/07/09 21:41:08 hshoexer Exp $ */
+/* $OpenBSD: ipsecctl.c,v 1.19 2005/07/24 10:06:38 hshoexer Exp $ */
/*
* Copyright (c) 2004, 2005 Hans-Joerg Hoexer <hshoexer@openbsd.org>
*
@@ -255,15 +255,10 @@ ipsecctl_print_rule(struct ipsec_rule *r, int opts)
printf("%s", ruletype[r->type]);
- switch (r->type) {
- case RULE_FLOW:
+ if (r->type & RULE_FLOW)
ipsecctl_print_flow(r, opts);
- break;
- case RULE_SA:
+ if (r->type & RULE_SA)
ipsecctl_print_sa(r, opts);
- break;
- }
-
printf("\n");
}
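Review bot: The context line `printf("%s", ruletype[r->type]);` at the top of this hunk still uses `r->type` as an array index, although the commit turns that field into a bit mask. With a single bit set, 0x01 and 0x02 match the old enum positions, so output is unchanged today. Once a rule carries `RULE_FLOW | RULE_SA` the index becomes 3; the definition of `ruletype` is outside the hunk, so whether that runs past its end cannot be confirmed from here. Before the combined rule lands, bound the lookup or print the keyword per bit inside the two `if` branches. The body of ipsecctl_print_rule starts outside the hunk.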
@@ -315,7 +310,7 @@ ipsecctl_get_rules(struct ipsecctl *ipsec)
if (rule == NULL)
err(1, "malloc");
rule->nr = ipsec->rule_nr++;
- rule->type = RULE_FLOW;
+ rule->type |= RULE_FLOW;
if (pfkey_parse(msg, rule))
errx(1, "failed to parse pfkey message");
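Review bot: `rule->type |= RULE_FLOW;` reads `rule->type` before anything visible in this hunk has written it. The allocation call is outside the hunk, but the error string on the preceding check is "malloc". If the rule really comes from `malloc()` and is not zeroed, the OR operates on an indeterminate value, and stray bits could send a kernel-loaded flow down the `RULE_SA` branch of ipsecctl_print_rule or give an unexpected `ruletype` index. Keeping the plain assignment `rule->type = RULE_FLOW;` here, or zeroing the allocation, avoids that. The `|=` sites in parse.y follow checks whose message is "calloc", so they appear to start from zero.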
diff --git a/sbin/ipsecctl/ipsecctl.h b/sbin/ipsecctl/ipsecctl.h
index 4bb53203b5f..679a97e4b2c 100644
--- a/sbin/ipsecctl/ipsecctl.h
+++ b/sbin/ipsecctl/ipsecctl.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: ipsecctl.h,v 1.10 2005/07/09 21:05:02 hshoexer Exp $ */
+/* $OpenBSD: ipsecctl.h,v 1.11 2005/07/24 10:06:38 hshoexer Exp $ */
/*
* Copyright (c) 2004, 2005 Hans-Joerg Hoexer <hshoexer@openbsd.org>
*
@@ -28,9 +28,9 @@
#define IPSECCTL_OPT_FLUSH 0x0100
#define IPSECCTL_OPT_DELETE 0x0200
-enum {
- RULE_UNKNOWN, RULE_FLOW, RULE_SA
-};
+#define RULE_FLOW 0x01
+#define RULE_SA 0x02
+
enum {
DIRECTION_UNKNOWN, IPSEC_IN, IPSEC_OUT, IPSEC_INOUT
};
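Review bot: The two new defines have no comment saying they are bits that may be combined in the `type` field of `struct ipsec_rule`, and dropping `RULE_UNKNOWN` leaves the value 0 without a name. A one-line comment above them, such as `/* rule type bits; may be OR'ed together in ipsec_rule's type field */`, would state the contract for later readers. If any code still needs to test for a rule with no type set, a named `#define RULE_UNKNOWN 0x00` could be kept; whether such a user exists is not visible in this diff.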
diff --git a/sbin/ipsecctl/parse.y b/sbin/ipsecctl/parse.y
index 3d404375953..ea907cc7e77 100644
--- a/sbin/ipsecctl/parse.y
+++ b/sbin/ipsecctl/parse.y
@@ -1,4 +1,4 @@
-/* $OpenBSD: parse.y,v 1.12 2005/07/23 20:35:04 hshoexer Exp $ */
+/* $OpenBSD: parse.y,v 1.13 2005/07/24 10:06:38 hshoexer Exp $ */
/*
* Copyright (c) 2002, 2003, 2004 Henning Brauer <henning@openbsd.org>
@@ -842,7 +842,7 @@ create_sa(struct ipsec_addr *src, struct ipsec_addr *dst, u_int32_t spi,
if (r == NULL)
err(1, "calloc");
- r->type = RULE_SA;
+ r->type |= RULE_SA;
r->src = src;
r->dst = dst;
@@ -864,7 +864,7 @@ reverse_sa(struct ipsec_rule *rule, u_int32_t spi, struct ipsec_key *key)
if (reverse == NULL)
err(1, "calloc");
- reverse->type = RULE_SA;
+ reverse->type |= RULE_SA;
reverse->src = copyhost(rule->dst);
reverse->dst = copyhost(rule->src);
reverse->spi = spi;
@@ -884,7 +884,7 @@ create_flow(u_int8_t dir, struct ipsec_addr *src, struct ipsec_addr *dst,
if (r == NULL)
err(1, "calloc");
- r->type = RULE_FLOW;
+ r->type |= RULE_FLOW;
if (dir == IPSEC_INOUT)
r->direction = IPSEC_OUT;
@@ -948,7 +948,7 @@ reverse_rule(struct ipsec_rule *rule)
if (reverse == NULL)
err(1, "calloc");
- reverse->type = RULE_FLOW;
+ reverse->type |= RULE_FLOW;
if (rule->direction == (u_int8_t)IPSEC_OUT) {
reverse->direction = (u_int8_t)IPSEC_IN;