move autodetection of the ID type to the parser. this way the

static flows have the correct ID, too. ok hshoexer, reyk

3 files changed, 83 insertions, 2 deletions

diff --git a/regress/sbin/ipsecctl/Makefile b/regress/sbin/ipsecctl/Makefile
index f549374c4f3..fd13187819b 100644
--- a/regress/sbin/ipsecctl/Makefile
+++ b/regress/sbin/ipsecctl/Makefile
@@ -1,4 +1,4 @@
-# $OpenBSD: Makefile,v 1.47 2007/02/19 10:12:45 hshoexer Exp $
+# $OpenBSD: Makefile,v 1.48 2007/03/16 20:51:01 markus Exp $
 
 # you can update the *.ok files with: make -i | patch
 # TARGETS
@@ -19,7 +19,7 @@ IKEFAIL=1 3 4 5 6 7 8 9 10 11 12
 IKETESTS=1 2 3 4 5 6 7 8 9 10 11 12 13 14 15
 IKETESTS+=16 17 18 19 20 21 22 23
 IKETESTS+=29 30 31 32 33 34 35 36 37 38 39 40
-IKETESTS+=41 42 43 46 47 48 49 50 51 52 53 54 55 56
+IKETESTS+=41 42 43 46 47 48 49 50 51 52 53 54 55 56 57
 
 IKEDELTESTS=1 2 3 4 5 6 7 8 9 10 11 12 13 14 15
 IKEDELTESTS+=16 17 18 19 20 21 22 23
diff --git a/regress/sbin/ipsecctl/ike57.in b/regress/sbin/ipsecctl/ike57.in
new file mode 100644
index 00000000000..1d947fb9981
--- /dev/null
+++ b/regress/sbin/ipsecctl/ike57.in
@@ -0,0 +1,3 @@
+ike from 10.0.0.0/24 to 10.0.1.0/24 peer 192.168.0.1 srcid me@example.com dstid other.example.com
+ike from 10.0.0.0/24 to 10.0.2.0/24 peer 192.168.0.2 srcid me@example.com dstid other@example.com
+ike from 10.0.0.0/24 to 10.0.3.0/24 peer 192.168.0.3 srcid me.example.com dstid other@example.com
diff --git a/regress/sbin/ipsecctl/ike57.ok b/regress/sbin/ipsecctl/ike57.ok
new file mode 100644
index 00000000000..6f77ea5f6fa
--- /dev/null
+++ b/regress/sbin/ipsecctl/ike57.ok
@@ -0,0 +1,78 @@
+C set [Phase 1]:192.168.0.1=peer-192.168.0.1 force
+C set [peer-192.168.0.1]:Phase=1 force
+C set [peer-192.168.0.1]:Address=192.168.0.1 force
+C set [peer-192.168.0.1]:Configuration=mm-192.168.0.1 force
+C set [mm-192.168.0.1]:EXCHANGE_TYPE=ID_PROT force
+C add [mm-192.168.0.1]:Transforms=AES-SHA-RSA_SIG force
+C set [peer-192.168.0.1]:ID=me@example.com-ID force
+C set [me@example.com-ID]:ID-type=USER_FQDN force
+C set [me@example.com-ID]:Name=me@example.com force
+C set [peer-192.168.0.1]:Remote-ID=192.168.0.1-ID force
+C set [192.168.0.1-ID]:ID-type=FQDN force
+C set [192.168.0.1-ID]:Name=other.example.com force
+C set [IPsec-10.0.0.0/24-10.0.1.0/24]:Phase=2 force
+C set [IPsec-10.0.0.0/24-10.0.1.0/24]:ISAKMP-peer=peer-192.168.0.1 force
+C set [IPsec-10.0.0.0/24-10.0.1.0/24]:Configuration=qm-10.0.0.0/24-10.0.1.0/24 force
+C set [IPsec-10.0.0.0/24-10.0.1.0/24]:Local-ID=lid-10.0.0.0/24 force
+C set [IPsec-10.0.0.0/24-10.0.1.0/24]:Remote-ID=rid-10.0.1.0/24 force
+C set [qm-10.0.0.0/24-10.0.1.0/24]:EXCHANGE_TYPE=QUICK_MODE force
+C set [qm-10.0.0.0/24-10.0.1.0/24]:Suites=QM-ESP-AES-SHA2-256-PFS-SUITE force
+C set [lid-10.0.0.0/24]:ID-type=IPV4_ADDR_SUBNET force
+C set [lid-10.0.0.0/24]:Network=10.0.0.0 force
+C set [lid-10.0.0.0/24]:Netmask=255.255.255.0 force
+C set [rid-10.0.1.0/24]:ID-type=IPV4_ADDR_SUBNET force
+C set [rid-10.0.1.0/24]:Network=10.0.1.0 force
+C set [rid-10.0.1.0/24]:Netmask=255.255.255.0 force
+C add [Phase 2]:Connections=IPsec-10.0.0.0/24-10.0.1.0/24
+C set [Phase 1]:192.168.0.2=peer-192.168.0.2 force
+C set [peer-192.168.0.2]:Phase=1 force
+C set [peer-192.168.0.2]:Address=192.168.0.2 force
+C set [peer-192.168.0.2]:Configuration=mm-192.168.0.2 force
+C set [mm-192.168.0.2]:EXCHANGE_TYPE=ID_PROT force
+C add [mm-192.168.0.2]:Transforms=AES-SHA-RSA_SIG force
+C set [peer-192.168.0.2]:ID=me@example.com-ID force
+C set [me@example.com-ID]:ID-type=USER_FQDN force
+C set [me@example.com-ID]:Name=me@example.com force
+C set [peer-192.168.0.2]:Remote-ID=192.168.0.2-ID force
+C set [192.168.0.2-ID]:ID-type=USER_FQDN force
+C set [192.168.0.2-ID]:Name=other@example.com force
+C set [IPsec-10.0.0.0/24-10.0.2.0/24]:Phase=2 force
+C set [IPsec-10.0.0.0/24-10.0.2.0/24]:ISAKMP-peer=peer-192.168.0.2 force
+C set [IPsec-10.0.0.0/24-10.0.2.0/24]:Configuration=qm-10.0.0.0/24-10.0.2.0/24 force
+C set [IPsec-10.0.0.0/24-10.0.2.0/24]:Local-ID=lid-10.0.0.0/24 force
+C set [IPsec-10.0.0.0/24-10.0.2.0/24]:Remote-ID=rid-10.0.2.0/24 force
+C set [qm-10.0.0.0/24-10.0.2.0/24]:EXCHANGE_TYPE=QUICK_MODE force
+C set [qm-10.0.0.0/24-10.0.2.0/24]:Suites=QM-ESP-AES-SHA2-256-PFS-SUITE force
+C set [lid-10.0.0.0/24]:ID-type=IPV4_ADDR_SUBNET force
+C set [lid-10.0.0.0/24]:Network=10.0.0.0 force
+C set [lid-10.0.0.0/24]:Netmask=255.255.255.0 force
+C set [rid-10.0.2.0/24]:ID-type=IPV4_ADDR_SUBNET force
+C set [rid-10.0.2.0/24]:Network=10.0.2.0 force
+C set [rid-10.0.2.0/24]:Netmask=255.255.255.0 force
+C add [Phase 2]:Connections=IPsec-10.0.0.0/24-10.0.2.0/24
+C set [Phase 1]:192.168.0.3=peer-192.168.0.3 force
+C set [peer-192.168.0.3]:Phase=1 force
+C set [peer-192.168.0.3]:Address=192.168.0.3 force
+C set [peer-192.168.0.3]:Configuration=mm-192.168.0.3 force
+C set [mm-192.168.0.3]:EXCHANGE_TYPE=ID_PROT force
+C add [mm-192.168.0.3]:Transforms=AES-SHA-RSA_SIG force
+C set [peer-192.168.0.3]:ID=me.example.com-ID force
+C set [me.example.com-ID]:ID-type=FQDN force
+C set [me.example.com-ID]:Name=me.example.com force
+C set [peer-192.168.0.3]:Remote-ID=192.168.0.3-ID force
+C set [192.168.0.3-ID]:ID-type=USER_FQDN force
+C set [192.168.0.3-ID]:Name=other@example.com force
+C set [IPsec-10.0.0.0/24-10.0.3.0/24]:Phase=2 force
+C set [IPsec-10.0.0.0/24-10.0.3.0/24]:ISAKMP-peer=peer-192.168.0.3 force
+C set [IPsec-10.0.0.0/24-10.0.3.0/24]:Configuration=qm-10.0.0.0/24-10.0.3.0/24 force
+C set [IPsec-10.0.0.0/24-10.0.3.0/24]:Local-ID=lid-10.0.0.0/24 force
+C set [IPsec-10.0.0.0/24-10.0.3.0/24]:Remote-ID=rid-10.0.3.0/24 force
+C set [qm-10.0.0.0/24-10.0.3.0/24]:EXCHANGE_TYPE=QUICK_MODE force
+C set [qm-10.0.0.0/24-10.0.3.0/24]:Suites=QM-ESP-AES-SHA2-256-PFS-SUITE force
+C set [lid-10.0.0.0/24]:ID-type=IPV4_ADDR_SUBNET force
+C set [lid-10.0.0.0/24]:Network=10.0.0.0 force
+C set [lid-10.0.0.0/24]:Netmask=255.255.255.0 force
+C set [rid-10.0.3.0/24]:ID-type=IPV4_ADDR_SUBNET force
+C set [rid-10.0.3.0/24]:Network=10.0.3.0 force
+C set [rid-10.0.3.0/24]:Netmask=255.255.255.0 force
+C add [Phase 2]:Connections=IPsec-10.0.0.0/24-10.0.3.0/24