summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorNiels Provos <provos@cvs.openbsd.org>1997-07-11 23:50:27 +0000
committerNiels Provos <provos@cvs.openbsd.org>1997-07-11 23:50:27 +0000
commit8a55456b9b603c99272d59b33e3eca87fdb5629e (patch)
tree0f86a6b797f0d9037a6df0b69fd0946b6613bcd4
parent57d7f4cd5410ce58d9524fe3e5f956b7cd44de25 (diff)
reflect changes in kernel ipsec
-rw-r--r--sbin/ipsec/Makefile.inc3
-rw-r--r--sbin/ipsec/ipsecadm/xf_ahhmacmd5.c18
-rw-r--r--sbin/ipsec/ipsecadm/xf_ahhmacsha1.c17
-rw-r--r--sbin/ipsec/ipsecadm/xf_ahmd5.c20
-rw-r--r--sbin/ipsec/ipsecadm/xf_ahsha1.c19
-rw-r--r--sbin/ipsec/ipsecadm/xf_delspi.c9
-rw-r--r--sbin/ipsec/ipsecadm/xf_esp3des.c18
-rw-r--r--sbin/ipsec/ipsecadm/xf_esp3desmd5.c17
-rw-r--r--sbin/ipsec/ipsecadm/xf_espdes.c18
-rw-r--r--sbin/ipsec/ipsecadm/xf_espdesmd5.c17
-rw-r--r--sbin/ipsec/ipsecadm/xf_grp.c19
-rw-r--r--sbin/ipsec/rt/rt.c15
-rw-r--r--sbin/ipsec/rtdelete/rtdelete.c13
13 files changed, 112 insertions, 91 deletions
diff --git a/sbin/ipsec/Makefile.inc b/sbin/ipsec/Makefile.inc
index f208c3b74b0..0abaf24c062 100644
--- a/sbin/ipsec/Makefile.inc
+++ b/sbin/ipsec/Makefile.inc
@@ -1,4 +1,5 @@
-# $OpenBSD: Makefile.inc,v 1.1 1997/02/21 23:17:22 niklas Exp $
+# $OpenBSD: Makefile.inc,v 1.2 1997/07/11 23:50:21 provos Exp $
BINDIR= /sbin
+LDSTATIC= ${STATIC}
NOMAN=
diff --git a/sbin/ipsec/ipsecadm/xf_ahhmacmd5.c b/sbin/ipsec/ipsecadm/xf_ahhmacmd5.c
index a90db90b73c..b72c8d49b6b 100644
--- a/sbin/ipsec/ipsecadm/xf_ahhmacmd5.c
+++ b/sbin/ipsec/ipsecadm/xf_ahhmacmd5.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: xf_ahhmacmd5.c,v 1.3 1997/07/01 22:18:01 provos Exp $ */
+/* $OpenBSD: xf_ahhmacmd5.c,v 1.4 1997/07/11 23:50:21 provos Exp $ */
/*
* The author of this code is John Ioannidis, ji@tla.org,
* (except when noted otherwise).
@@ -63,7 +63,7 @@ char **argv;
int klen, i;
struct encap_msghdr *em;
- struct ahhmacmd5_xencap *xd;
+ struct ah_new_xencap *xd;
if (argc != 5) {
fprintf(stderr, "usage: %s src dst spi key\n", argv[0]);
@@ -74,20 +74,22 @@ char **argv;
em = (struct encap_msghdr *)&buf[0];
- em->em_msglen = EMT_SETSPI_FLEN + 4 + AHHMACMD5_KMAX;
+ em->em_msglen = EMT_SETSPI_FLEN + AH_NEW_XENCAP_LEN + klen;
em->em_version = PFENCAP_VERSION_1;
em->em_type = EMT_SETSPI;
em->em_spi = htonl(strtoul(argv[3], NULL, 16));
em->em_src.s_addr = inet_addr(argv[1]);
em->em_dst.s_addr = inet_addr(argv[2]);
- em->em_alg = XF_AHHMACMD5;
- xd = (struct ahhmacmd5_xencap *)(em->em_dat);
+ em->em_alg = XF_NEW_AH;
+ em->em_sproto = IPPROTO_AH;
- xd->amx_alen = 16;
- xd->amx_rpl = 1;
+ xd = (struct ah_new_xencap *)(em->em_dat);
+
+ xd->amx_hash_algorithm = ALG_AUTH_MD5;
xd->amx_wnd = 32;
+ xd->amx_keylen = klen;
- bzero(xd->amx_key, AHHMACMD5_KMAX);
+ bzero(xd->amx_key, klen);
for (i = 0; i < klen; i++ )
xd->amx_key[i] = x2i(&(argv[4][2*i]));
diff --git a/sbin/ipsec/ipsecadm/xf_ahhmacsha1.c b/sbin/ipsec/ipsecadm/xf_ahhmacsha1.c
index c335bd21cd4..fc3e853923b 100644
--- a/sbin/ipsec/ipsecadm/xf_ahhmacsha1.c
+++ b/sbin/ipsec/ipsecadm/xf_ahhmacsha1.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: xf_ahhmacsha1.c,v 1.3 1997/07/01 22:18:02 provos Exp $ */
+/* $OpenBSD: xf_ahhmacsha1.c,v 1.4 1997/07/11 23:50:22 provos Exp $ */
/*
* The author of this code is John Ioannidis, ji@tla.org,
* (except when noted otherwise).
@@ -63,7 +63,7 @@ char **argv;
int klen, i;
struct encap_msghdr *em;
- struct ahhmacsha1_xencap *xd;
+ struct ah_new_xencap *xd;
if (argc != 5) {
fprintf(stderr, "usage: %s src dst spi key\n", argv[0]);
@@ -74,19 +74,22 @@ char **argv;
em = (struct encap_msghdr *)&buf[0];
- em->em_msglen = EMT_SETSPI_FLEN + 4 + AHHMACSHA1_KMAX;
+ em->em_msglen = EMT_SETSPI_FLEN + 12 + klen;
em->em_version = PFENCAP_VERSION_1;
em->em_type = EMT_SETSPI;
em->em_spi = htonl(strtoul(argv[3], NULL, 16));
em->em_src.s_addr = inet_addr(argv[1]);
em->em_dst.s_addr = inet_addr(argv[2]);
- em->em_alg = XF_AHHMACSHA1;
- xd = (struct ahhmacsha1_xencap *)(em->em_dat);
+ em->em_alg = XF_NEW_AH;
+ em->em_sproto = IPPROTO_AH;
- xd->amx_alen = 20;
+ xd = (struct ah_new_xencap *)(em->em_dat);
+
+ xd->amx_hash_algorithm = ALG_AUTH_SHA1;
xd->amx_wnd = 32;
+ xd->amx_keylen = klen;
- bzero(xd->amx_key, AHHMACSHA1_KMAX);
+ bzero(xd->amx_key, klen);
for (i = 0; i < klen; i++ )
xd->amx_key[i] = x2i(&(argv[4][2*i]));
diff --git a/sbin/ipsec/ipsecadm/xf_ahmd5.c b/sbin/ipsec/ipsecadm/xf_ahmd5.c
index a1884ec1e83..1b95d9f9d35 100644
--- a/sbin/ipsec/ipsecadm/xf_ahmd5.c
+++ b/sbin/ipsec/ipsecadm/xf_ahmd5.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: xf_ahmd5.c,v 1.3 1997/07/01 22:18:03 provos Exp $ */
+/* $OpenBSD: xf_ahmd5.c,v 1.4 1997/07/11 23:50:22 provos Exp $ */
/*
* The author of this code is John Ioannidis, ji@tla.org,
* (except when noted otherwise).
@@ -63,7 +63,7 @@ char **argv;
int klen, i;
struct encap_msghdr *em;
- struct ahmd5_xdata *xd;
+ struct ah_old_xencap *xd;
if (argc != 5) {
fprintf(stderr, "usage: %s src dst spi key\n", argv[0]);
@@ -74,22 +74,22 @@ char **argv;
em = (struct encap_msghdr *)&buf[0];
- em->em_msglen = EMT_SETSPI_FLEN + 4 + klen;
+ em->em_msglen = EMT_SETSPI_FLEN + AH_OLD_XENCAP_LEN + klen;
em->em_version = PFENCAP_VERSION_1;
em->em_type = EMT_SETSPI;
em->em_spi = htonl(strtoul(argv[3], NULL, 16));
em->em_src.s_addr = inet_addr(argv[1]);
em->em_dst.s_addr = inet_addr(argv[2]);
- em->em_alg = XF_AHMD5;
- xd = (struct ahmd5_xdata *)(em->em_dat);
+ em->em_alg = XF_OLD_AH;
+ em->em_sproto = IPPROTO_AH;
+
+ xd = (struct ah_old_xencap *)(em->em_dat);
+
+ xd->amx_hash_algorithm = ALG_AUTH_MD5;
+ xd->amx_keylen = klen;
- xd->amx_klen = klen;
- xd->amx_alen = 16;
-
for (i = 0; i < klen; i++ )
xd->amx_key[i] = x2i(&(argv[4][2*i]));
return xf_set(em);
}
-
-
diff --git a/sbin/ipsec/ipsecadm/xf_ahsha1.c b/sbin/ipsec/ipsecadm/xf_ahsha1.c
index 28ba84acc45..1ef428f4644 100644
--- a/sbin/ipsec/ipsecadm/xf_ahsha1.c
+++ b/sbin/ipsec/ipsecadm/xf_ahsha1.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: xf_ahsha1.c,v 1.2 1997/07/01 22:18:04 provos Exp $ */
+/* $OpenBSD: xf_ahsha1.c,v 1.3 1997/07/11 23:50:22 provos Exp $ */
/*
* The author of this code is John Ioannidis, ji@tla.org,
* (except when noted otherwise).
@@ -63,7 +63,7 @@ char **argv;
int klen, i;
struct encap_msghdr *em;
- struct ahsha1_xdata *xd;
+ struct ah_old_xencap *xd;
if (argc != 5) {
fprintf(stderr, "usage: %s src dst spi key\n", argv[0]);
@@ -71,23 +71,22 @@ char **argv;
}
klen = strlen(argv[4])/2;
- if (klen > AHSHA1_KMAX)
- klen = AHSHA1_KMAX;
em = (struct encap_msghdr *)&buf[0];
- em->em_msglen = EMT_SETSPI_FLEN + 4 + klen;
+ em->em_msglen = EMT_SETSPI_FLEN + AH_OLD_XENCAP_LEN + klen;
em->em_version = PFENCAP_VERSION_1;
em->em_type = EMT_SETSPI;
em->em_spi = htonl(strtoul(argv[3], NULL, 16));
em->em_src.s_addr = inet_addr(argv[1]);
em->em_dst.s_addr = inet_addr(argv[2]);
- em->em_alg = XF_AHSHA1;
- xd = (struct ahsha1_xdata *)(em->em_dat);
+ em->em_alg = XF_OLD_AH;
+ em->em_sproto = IPPROTO_AH;
- xd->amx_klen = klen;
- xd->amx_alen = AHSHA1_ALEN;
-
+ xd = (struct ah_old_xencap *)(em->em_dat);
+
+ xd->amx_hash_algorithm = ALG_AUTH_SHA1;
+ xd->amx_keylen = klen;
for (i = 0; i < klen; i++ )
xd->amx_key[i] = x2i(&(argv[4][2*i]));
diff --git a/sbin/ipsec/ipsecadm/xf_delspi.c b/sbin/ipsec/ipsecadm/xf_delspi.c
index ef477a3e752..b9633cc7b1e 100644
--- a/sbin/ipsec/ipsecadm/xf_delspi.c
+++ b/sbin/ipsec/ipsecadm/xf_delspi.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: xf_delspi.c,v 1.3 1997/07/01 22:18:04 provos Exp $ */
+/* $OpenBSD: xf_delspi.c,v 1.4 1997/07/11 23:50:23 provos Exp $ */
/*
* The author of this code is John Ioannidis, ji@tla.org,
* (except when noted otherwise).
@@ -62,12 +62,12 @@ char **argv;
struct encap_msghdr *em;
- if (argc != 4) {
- fprintf(stderr, "usage: %s dst spi chaindelete\n", argv[0]);
+ if (argc != 5) {
+ fprintf(stderr, "usage: %s dst spi fespah chaindelete\n", argv[0]);
return 0;
}
- chain = atoi(argv[3]);
+ chain = atoi(argv[4]);
em = (struct encap_msghdr *)&buf[0];
em->em_version = PFENCAP_VERSION_1;
@@ -80,6 +80,7 @@ char **argv;
}
em->em_gen_spi = htonl(strtoul(argv[2], NULL, 16));
em->em_gen_dst.s_addr = inet_addr(argv[1]);
+ em->em_gen_sproto = atoi(argv[3]) ? IPPROTO_ESP : IPPROTO_AH;
return xf_set(em);
}
diff --git a/sbin/ipsec/ipsecadm/xf_esp3des.c b/sbin/ipsec/ipsecadm/xf_esp3des.c
index 0e5f69be807..c746e48a818 100644
--- a/sbin/ipsec/ipsecadm/xf_esp3des.c
+++ b/sbin/ipsec/ipsecadm/xf_esp3des.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: xf_esp3des.c,v 1.2 1997/07/01 22:18:05 provos Exp $ */
+/* $OpenBSD: xf_esp3des.c,v 1.3 1997/07/11 23:50:23 provos Exp $ */
/*
* The author of this code is John Ioannidis, ji@tla.org,
* (except when noted otherwise).
@@ -63,7 +63,7 @@ char **argv;
int i;
struct encap_msghdr *em;
- struct esp3des_xdata *xd;
+ struct esp_old_xencap *xd;
if (argc != 6) {
fprintf(stderr, "usage: %s src dst spi iv key\n", argv[0]);
@@ -72,22 +72,26 @@ char **argv;
em = (struct encap_msghdr *)&buf[0];
- em->em_msglen = EMT_SETSPI_FLEN + ESP_ULENGTH;
+ em->em_msglen = EMT_SETSPI_FLEN + ESP_OLD_XENCAP_LEN + 4 + 3*8;
em->em_version = PFENCAP_VERSION_1;
em->em_type = EMT_SETSPI;
em->em_spi = htonl(strtoul(argv[3], NULL, 16));
em->em_src.s_addr = inet_addr(argv[1]);
em->em_dst.s_addr = inet_addr(argv[2]);
- em->em_alg = XF_ESP3DES;
- xd = (struct esp3des_xdata *)(em->em_dat);
+ em->em_alg = XF_OLD_ESP;
+ em->em_sproto = IPPROTO_ESP;
+ xd = (struct esp_old_xencap *)(em->em_dat);
+
+ xd->edx_enc_algorithm = ALG_ENC_3DES;
xd->edx_ivlen = 4;
+ xd->edx_keylen = 3*8;
for (i = 0; i < 4; i++)
- xd->edx_iv[i] = x2i(&(argv[4][2*i]));
+ xd->edx_data[i] = x2i(&(argv[4][2*i]));
for (i = 0; i < 3*8; i++)
- xd->edx_iv[i+8] = x2i(&(argv[5][2*i]));
+ xd->edx_data[i+8] = x2i(&(argv[5][2*i]));
return xf_set(em);
}
diff --git a/sbin/ipsec/ipsecadm/xf_esp3desmd5.c b/sbin/ipsec/ipsecadm/xf_esp3desmd5.c
index 8f0badddde8..6eaf97bffd6 100644
--- a/sbin/ipsec/ipsecadm/xf_esp3desmd5.c
+++ b/sbin/ipsec/ipsecadm/xf_esp3desmd5.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: xf_esp3desmd5.c,v 1.3 1997/07/01 22:18:06 provos Exp $ */
+/* $OpenBSD: xf_esp3desmd5.c,v 1.4 1997/07/11 23:50:24 provos Exp $ */
/*
* The author of this code is John Ioannidis, ji@tla.org,
* (except when noted otherwise).
@@ -63,7 +63,7 @@ char **argv;
int i;
struct encap_msghdr *em;
- struct esp3desmd5_xencap *xd;
+ struct esp_new_xencap *xd;
if (argc != 6) {
fprintf(stderr, "usage: %s src dst spi iv key\n", argv[0]);
@@ -72,22 +72,23 @@ char **argv;
em = (struct encap_msghdr *)&buf[0];
- em->em_msglen = EMT_SETSPI_FLEN + ESP3DESMD5_ULENGTH;
+ em->em_msglen = EMT_SETSPI_FLEN + ESP_NEW_XENCAP_LEN;
em->em_version = PFENCAP_VERSION_1;
em->em_type = EMT_SETSPI;
em->em_spi = htonl(strtoul(argv[3], NULL, 16));
em->em_src.s_addr = inet_addr(argv[1]);
em->em_dst.s_addr = inet_addr(argv[2]);
- em->em_alg = XF_ESP3DESMD5;
- xd = (struct esp3desmd5_xencap *)(em->em_dat);
+ em->em_alg = XF_NEW_ESP;
+ em->em_sproto = IPPROTO_ESP;
+
+ xd = (struct esp_new_xencap *)(em->em_dat);
xd->edx_ivlen = 0;
- xd->edx_initiator = 1;
- xd->edx_wnd = 32;
xd->edx_keylen = 8;
+ xd->edx_wnd = 32;
for (i = 0; i < 8; i++)
- xd->edx_key[i] = x2i(&(argv[5][2*i]));
+ xd->edx_data[i] = x2i(&(argv[5][2*i]));
return xf_set(em);
}
diff --git a/sbin/ipsec/ipsecadm/xf_espdes.c b/sbin/ipsec/ipsecadm/xf_espdes.c
index 96022808438..8d62e05c2d2 100644
--- a/sbin/ipsec/ipsecadm/xf_espdes.c
+++ b/sbin/ipsec/ipsecadm/xf_espdes.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: xf_espdes.c,v 1.3 1997/07/01 22:18:07 provos Exp $ */
+/* $OpenBSD: xf_espdes.c,v 1.4 1997/07/11 23:50:24 provos Exp $ */
/*
* The author of this code is John Ioannidis, ji@tla.org,
* (except when noted otherwise).
@@ -63,7 +63,7 @@ char **argv;
int i;
struct encap_msghdr *em;
- struct espdes_xdata *xd;
+ struct esp_old_xencap *xd;
if (argc != 6) {
fprintf(stderr, "usage: %s src dst spi iv key\n", argv[0]);
@@ -72,22 +72,26 @@ char **argv;
em = (struct encap_msghdr *)&buf[0];
- em->em_msglen = EMT_SETSPI_FLEN + ESP_ULENGTH;
+ em->em_msglen = EMT_SETSPI_FLEN + ESP_OLD_XENCAP_LEN + 4 + 8;
em->em_version = PFENCAP_VERSION_1;
em->em_type = EMT_SETSPI;
em->em_spi = htonl(strtoul(argv[3], NULL, 16));
em->em_src.s_addr = inet_addr(argv[1]);
em->em_dst.s_addr = inet_addr(argv[2]);
- em->em_alg = XF_ESPDES;
- xd = (struct espdes_xdata *)(em->em_dat);
+ em->em_alg = XF_OLD_ESP;
+ em->em_sproto = IPPROTO_ESP;
+ xd = (struct esp_old_xencap *)(em->em_dat);
+
+ xd->edx_enc_algorithm = ALG_ENC_DES;
xd->edx_ivlen = 4;
+ xd->edx_keylen = 8;
for (i = 0; i < 4; i++)
- xd->edx_iv[i] = x2i(&(argv[4][2*i]));
+ xd->edx_data[i] = x2i(&(argv[4][2*i]));
for (i = 0; i < 8; i++)
- xd->edx_iv[i+8] = x2i(&(argv[5][2*i]));
+ xd->edx_data[i+4] = x2i(&(argv[5][2*i]));
return xf_set(em);
}
diff --git a/sbin/ipsec/ipsecadm/xf_espdesmd5.c b/sbin/ipsec/ipsecadm/xf_espdesmd5.c
index 713722d156f..b1ad60bddb9 100644
--- a/sbin/ipsec/ipsecadm/xf_espdesmd5.c
+++ b/sbin/ipsec/ipsecadm/xf_espdesmd5.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: xf_espdesmd5.c,v 1.3 1997/07/01 22:18:07 provos Exp $ */
+/* $OpenBSD: xf_espdesmd5.c,v 1.4 1997/07/11 23:50:24 provos Exp $ */
/*
* The author of this code is John Ioannidis, ji@tla.org,
* (except when noted otherwise).
@@ -63,7 +63,7 @@ char **argv;
int i;
struct encap_msghdr *em;
- struct espdesmd5_xencap *xd;
+ struct esp_new_xencap *xd;
if (argc != 6) {
fprintf(stderr, "usage: %s src dst spi iv key\n", argv[0]);
@@ -72,22 +72,23 @@ char **argv;
em = (struct encap_msghdr *)&buf[0];
- em->em_msglen = EMT_SETSPI_FLEN + ESPDESMD5_ULENGTH;
+ em->em_msglen = EMT_SETSPI_FLEN + ESP_NEW_XENCAP_LEN;
em->em_version = PFENCAP_VERSION_1;
em->em_type = EMT_SETSPI;
em->em_spi = htonl(strtoul(argv[3], NULL, 16));
em->em_src.s_addr = inet_addr(argv[1]);
em->em_dst.s_addr = inet_addr(argv[2]);
- em->em_alg = XF_ESPDESMD5;
- xd = (struct espdesmd5_xencap *)(em->em_dat);
+ em->em_alg = XF_NEW_ESP;
+ em->em_sproto = IPPROTO_ESP;
+
+ xd = (struct esp_new_xencap *)(em->em_dat);
xd->edx_ivlen = 0;
- xd->edx_initiator = 1;
- xd->edx_wnd = 32;
xd->edx_keylen = 8;
+ xd->edx_wnd = 32;
for (i = 0; i < 8; i++)
- xd->edx_key[i] = x2i(&(argv[5][2*i]));
+ xd->edx_data[i] = x2i(&(argv[5][2*i]));
return xf_set(em);
}
diff --git a/sbin/ipsec/ipsecadm/xf_grp.c b/sbin/ipsec/ipsecadm/xf_grp.c
index 2b2f44935a9..6c9cd56ee5a 100644
--- a/sbin/ipsec/ipsecadm/xf_grp.c
+++ b/sbin/ipsec/ipsecadm/xf_grp.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: xf_grp.c,v 1.4 1997/07/02 06:59:38 provos Exp $ */
+/* $OpenBSD: xf_grp.c,v 1.5 1997/07/11 23:50:25 provos Exp $ */
/*
* The author of this code is John Ioannidis, ji@tla.org,
* (except when noted otherwise).
@@ -63,12 +63,12 @@ char **argv;
struct encap_msghdr *em;
- if ((argc < 3) || (argc > 9) || ((argc % 2) != 1)) {
- fprintf(stderr, "usage: %s dst1 spi1 [ dst2 spi2 [ dst3 spi3 [ dst4 spi4 ] ] ] \n", argv[0]);
+ if ((argc < 4) || (argc > 13) || ((argc % 3) != 1)) {
+ fprintf(stderr, "usage: %s dst1 spi1 proto1 [ dst2 spi2 proto2 [ dst3 spi3 proto3 [ dst4 spi4 proto4] ] ] \n", argv[0]);
return 0;
}
- for (i=0; i<argc/2-1; i++) {
+ for (i=0; i<argc/3-1; i++) {
bzero(buf, EMT_GRPSPIS_FLEN);
em = (struct encap_msghdr *)&buf[0];
@@ -77,10 +77,13 @@ char **argv;
em->em_version = PFENCAP_VERSION_1;
em->em_type = EMT_GRPSPIS;
- em->em_rel_spi = htonl(strtoul(argv[2*i+2], NULL, 16));
- em->em_rel_dst.s_addr = inet_addr(argv[2*i+1]);
- em->em_rel_spi2 = htonl(strtoul(argv[2*i+4], NULL, 16));
- em->em_rel_dst2.s_addr = inet_addr(argv[2*i+3]);
+ em->em_rel_spi = htonl(strtoul(argv[3*i+2], NULL, 16));
+ em->em_rel_dst.s_addr = inet_addr(argv[3*i+1]);
+ em->em_rel_sproto = atoi(argv[3*i+3]) ? IPPROTO_ESP : IPPROTO_AH;
+
+ em->em_rel_spi2 = htonl(strtoul(argv[3*i+5], NULL, 16));
+ em->em_rel_dst2.s_addr = inet_addr(argv[3*i+4]);
+ em->em_rel_sproto = atoi(argv[3*i+6]) ? IPPROTO_ESP : IPPROTO_AH;
if (!xf_set(em))
break;
diff --git a/sbin/ipsec/rt/rt.c b/sbin/ipsec/rt/rt.c
index cb84c2b9256..996eb13bc7e 100644
--- a/sbin/ipsec/rt/rt.c
+++ b/sbin/ipsec/rt/rt.c
@@ -83,8 +83,8 @@ char **argv;
struct sockaddr_encap *dst, *msk, *gw;
u_char *opts;
- if (argc != 10)
- fprintf(stderr, "usage: %s isrc isrcmask idst idstmask odst spi proto sport dport\n", argv[0]), exit(1);
+ if (argc != 11)
+ fprintf(stderr, "usage: %s isrc isrcmask idst idstmask odst spi fespah proto sport dport\n", argv[0]), exit(1);
sd = socket(PF_ROUTE, SOCK_RAW, AF_UNSPEC);
if (sd < 0)
@@ -111,18 +111,18 @@ char **argv;
dst->sen_ip_dst.s_addr = inet_addr(argv[3]);
dst->sen_proto = dst->sen_sport = dst->sen_dport = 0;
- if (atoi(argv[7]) >= 0)
+ if (atoi(argv[8]) >= 0)
{
dst->sen_proto = atoi(argv[7]);
msk->sen_proto = 0xff;
- if (atoi(argv[8]) >= 0)
+ if (atoi(argv[9]) >= 0)
{
- dst->sen_sport = atoi(argv[8]);
+ dst->sen_sport = atoi(argv[9]);
msk->sen_sport = 0xffff;
}
- if (atoi(argv[9]) >= 0)
+ if (atoi(argv[10]) >= 0)
{
- dst->sen_dport = atoi(argv[9]);
+ dst->sen_dport = atoi(argv[10]);
msk->sen_dport = 0xffff;
}
}
@@ -132,6 +132,7 @@ char **argv;
gw->sen_type = SENT_IPSP;
gw->sen_ipsp_dst.s_addr = inet_addr(argv[5]);
gw->sen_ipsp_spi = htonl(strtoul(argv[6], NULL, 16));
+ gw->sen_ipsp_sproto = atoi(argv[7]) == 1 ? IPPROTO_ESP : IPPROTO_AH;
msk->sen_len = SENT_IP4_LEN;
msk->sen_family = AF_ENCAP;
diff --git a/sbin/ipsec/rtdelete/rtdelete.c b/sbin/ipsec/rtdelete/rtdelete.c
index 2e7e6204f08..841fc8cd761 100644
--- a/sbin/ipsec/rtdelete/rtdelete.c
+++ b/sbin/ipsec/rtdelete/rtdelete.c
@@ -84,8 +84,8 @@ char **argv;
struct sockaddr_dl *dl;
u_char *opts;
- if (argc != 10)
- fprintf(stderr, "usage: %s isrc isrcmask idst idstmask odst spi proto sport dport\n", argv[0]), exit(1);
+ if (argc != 11)
+ fprintf(stderr, "usage: %s isrc isrcmask idst idstmask odst spi fespah proto sport dport\n", argv[0]), exit(1);
sd = socket(PF_ROUTE, SOCK_RAW, AF_UNSPEC);
if (sd < 0)
@@ -112,18 +112,18 @@ char **argv;
dst->sen_ip_dst.s_addr = inet_addr(argv[3]);
dst->sen_proto = dst->sen_sport = dst->sen_dport = 0;
- if (atoi(argv[7]) >= 0)
+ if (atoi(argv[8]) >= 0)
{
dst->sen_proto = atoi(argv[7]);
msk->sen_proto = 0xff;
if (atoi(argv[8]) >= 0)
{
- dst->sen_sport = atoi(argv[8]);
+ dst->sen_sport = atoi(argv[9]);
msk->sen_sport = 0xffff;
}
- if (atoi(argv[9]) >= 0)
+ if (atoi(argv[10]) >= 0)
{
- dst->sen_dport = atoi(argv[9]);
+ dst->sen_dport = atoi(argv[10]);
msk->sen_dport = 0xffff;
}
}
@@ -133,6 +133,7 @@ char **argv;
gw->sen_type = SENT_IPSP;
gw->sen_ipsp_dst.s_addr = inet_addr(argv[5]);
gw->sen_ipsp_spi = htonl(strtoul(argv[6], NULL, 16));
+ gw->sen_ipsp_sproto = atoi(argv[7]) == 1 ? IPPROTO_ESP : IPPROTO_AH;
msk->sen_len = SENT_IP4_LEN;
msk->sen_family = AF_ENCAP;