authorNiels Provos <provos@cvs.openbsd.org>1998-05-24 13:29:12 +0000
committerNiels Provos <provos@cvs.openbsd.org>1998-05-24 13:29:12 +0000
commit827906b8ad12418875c654fe7c136ebcfa569c16 (patch)
treef784a5e93f00ff1321926d2bcfb9cb23b469978b /sbin/ipsec/rt
parentc8018bcd448f239b18dffd40da56a16b2134c0d3 (diff)
incorporate functionality of rt and rtdelete commands into ipsecadm,
some improvements to manpage, stricter option checking, -Wall.
Diffstat (limited to 'sbin/ipsec/rt')
-rw-r--r--sbin/ipsec/rt/Makefile5
-rw-r--r--sbin/ipsec/rt/rt.1107
-rw-r--r--sbin/ipsec/rt/rt.c147
3 files changed, 0 insertions, 259 deletions
diff --git a/sbin/ipsec/rt/Makefile b/sbin/ipsec/rt/Makefile
deleted file mode 100644
index 746123c1975..00000000000
--- a/sbin/ipsec/rt/Makefile
+++ /dev/null
@@ -1,5 +0,0 @@
-# $OpenBSD: Makefile,v 1.3 1997/09/05 10:07:25 provos Exp $
-
-PROG= rt
-
-.include <bsd.prog.mk>
diff --git a/sbin/ipsec/rt/rt.1 b/sbin/ipsec/rt/rt.1
deleted file mode 100644
index 3445dc67625..00000000000
--- a/sbin/ipsec/rt/rt.1
+++ /dev/null
@@ -1,107 +0,0 @@
-.\" $OpenBSD: rt.1,v 1.2 1998/03/05 09:30:52 provos Exp $
-.\" Copyright 1997 Niels Provos <provos@physnet.uni-hamburg.de>
-.\" All rights reserved.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\" 1. Redistributions of source code must retain the above copyright
-.\" notice, this list of conditions and the following disclaimer.
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\" notice, this list of conditions and the following disclaimer in the
-.\" documentation and/or other materials provided with the distribution.
-.\" 3. All advertising materials mentioning features or use of this software
-.\" must display the following acknowledgement:
-.\" This product includes software developed by Niels Provos.
-.\" 4. The name of the author may not be used to endorse or promote products
-.\" derived from this software without specific prior written permission.
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
-.\" IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
-.\" OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
-.\" IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
-.\" INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
-.\" DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
-.\" THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
-.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
-.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-.\"
-.\" Manual page, using -mandoc macros
-.\"
-.Dd September 5, 1997
-.Dt RT 1
-.Os
-.Sh NAME
-.Nm rt
-.Nd create IPSec routing entries
-.Sh SYNOPSIS
-.Nm rt
-.Ar isrc
-.Ar isrcmask
-.Ar idst
-.Ar idstmask
-.Ar tproto
-.Ar sport
-.Ar dport
-.Ar raddr
-.Ar spi
-.Ar fespah
-.Sh DESCRIPTION
-The
-.Nm rt
-utility creates a routing entry for IPSec. A Security association
-must already be established with either
-.Xr photurisd 8
-or
-.Xr ipsecadm 1 .
-The arguments are:
-.Pp
-.Bl -tag -width idstmask_
-.It isrc
-The initial source address.
-.It isrcmask
-The network mask for the initial source address. The source
-address of outgoing packets has to match the address range
-specified by
-.Nm isrc
-and
-.Nm isrcmask
-to be routed through IPSec.
-.It idst
-The initial destination address.
-.It idstmask
-The network mask for the initial destination address. The destination
-address of outgoing packets has to match the address range
-specified by
-.Nm idst
-and
-.Nm idstmask
-to be routed through IPSec.
-.It tproto
-The protocol number packets have to match to be routed.
-Specify -1 as wildcard.
-.It sport
-The source port of a packet if applicable. Specify -1 as wildcard.
-.It dport
-The destination port aof a packet if applicable. Specify -1 as wildcard.
-.It raddr
-The destination address of the security association. If you dont
-use tunnel mode that will be the same as
-.Nm idst .
-.It spi
-The Security Parameter Index of the security association.
-.It fespah
-Specifies the security protocol of the SA. Use either 0 for AH or
-1 for ESP.
-.El
-.Sh EXAMPLE
-Route packets for ESP in transport mode:
-.Pp
-rt 0.0.0.0 255.255.255.255 remote 255.255.255.255 -1 -1 -1 remote SPI 1
-.Pp
-rt localip 255.255.255.255 remote 255.255.255.255 -1 -1 -1 remote SPI 1
-.Sh SEE ALSO
-.Xr ipsecadm 1 ,
-.Xr netstat 1 ,
-.Xr photurisd 8 .
diff --git a/sbin/ipsec/rt/rt.c b/sbin/ipsec/rt/rt.c
deleted file mode 100644
index 3e4cfd3129a..00000000000
--- a/sbin/ipsec/rt/rt.c
+++ /dev/null
@@ -1,147 +0,0 @@
-/*
- * The author of this code is John Ioannidis, ji@tla.org,
- * (except when noted otherwise).
- *
- * This code was written for BSD/OS in Athens, Greece, in November 1995.
- *
- * Ported to OpenBSD and NetBSD, with additional transforms, in December 1996,
- * by Angelos D. Keromytis, kermit@forthnet.gr.
- *
- * Copyright (C) 1995, 1996, 1997 by John Ioannidis and Angelos D. Keromytis.
- *
- * Permission to use, copy, and modify this software without fee
- * is hereby granted, provided that this entire notice is included in
- * all copies of any software which is or includes a copy or
- * modification of this software.
- *
- * THIS SOFTWARE IS BEING PROVIDED "AS IS", WITHOUT ANY EXPRESS OR
- * IMPLIED WARRANTY. IN PARTICULAR, NEITHER AUTHOR MAKES ANY
- * REPRESENTATION OR WARRANTY OF ANY KIND CONCERNING THE
- * MERCHANTABILITY OF THIS SOFTWARE OR ITS FITNESS FOR ANY PARTICULAR
- * PURPOSE.
- */
-
-#include <sys/param.h>
-#include <sys/file.h>
-#include <sys/socket.h>
-#include <sys/ioctl.h>
-#include <sys/mbuf.h>
-#include <sys/sysctl.h>
-
-#include <net/if.h>
-#include <net/route.h>
-#include <net/if_dl.h>
-#include <netinet/in.h>
-#include <netns/ns.h>
-#include <netiso/iso.h>
-#include <netccitt/x25.h>
-#include <arpa/inet.h>
-#include <netdb.h>
-
-#include <errno.h>
-#include <unistd.h>
-#include <stdio.h>
-#include <ctype.h>
-#include <stdlib.h>
-#include <string.h>
-#include <paths.h>
-
-
-#define INET
-#include "net/encap.h"
-
-char buf[2048];
-
-int
-main(int argc, char **argv)
-{
- struct sockaddr_encap *dst, *msk, *gw;
- struct rt_msghdr *rtm;
- int sd, proto;
-
- if (argc != 11)
- fprintf(stderr, "usage: %s isrc isrcmask idst idstmask tproto sport dport raddr spi fespah\n", argv[0]), exit(1);
-
- switch(argv[10][0]) {
- case '0':
- proto = IPPROTO_AH;
- break;
- case '1':
- proto = IPPROTO_ESP;
- break;
- case '-':
- proto = 0;
- break;
- case 'p':
- proto = atoi(argv[10]+1);
- break;
- default:
- fprintf(stderr, "flag fespah: wrong value %s\n", argv[10]);
- exit(-1);
- }
-
-
- sd = socket(PF_ROUTE, SOCK_RAW, AF_UNSPEC);
- if (sd < 0)
- perror("socket"), exit(1);
-
- rtm = (struct rt_msghdr *)(&buf[0]);
- dst = (struct sockaddr_encap *) (&buf[sizeof (*rtm)]);
- gw = (struct sockaddr_encap *) (&buf[sizeof (*rtm) + SENT_IP4_LEN]);
- msk = (struct sockaddr_encap *) (&buf[sizeof (*rtm) + SENT_IP4_LEN +
- SENT_IPSP_LEN]);
-
- rtm->rtm_version = RTM_VERSION;
- rtm->rtm_type = RTM_ADD;
- rtm->rtm_index = 0;
- rtm->rtm_pid = getpid();
- rtm->rtm_addrs = RTA_DST | RTA_GATEWAY | RTA_NETMASK /* | RTA_IFP */;
- rtm->rtm_errno = 0;
- rtm->rtm_flags = RTF_UP | RTF_GATEWAY | RTF_STATIC;
- rtm->rtm_inits = 0;
-
- dst->sen_len = SENT_IP4_LEN;
- dst->sen_family = AF_ENCAP;
- dst->sen_type = SENT_IP4;
- dst->sen_ip_src.s_addr = inet_addr(argv[1]);
- dst->sen_ip_dst.s_addr = inet_addr(argv[3]);
- dst->sen_proto = dst->sen_sport = dst->sen_dport = 0;
-
- if (atoi(argv[5]) > 0)
- {
- dst->sen_proto = atoi(argv[5]);
- msk->sen_proto = 0xff;
-
- if (atoi(argv[6]) > 0)
- {
- dst->sen_sport = atoi(argv[6]);
- msk->sen_sport = 0xffff;
- }
-
- if (atoi(argv[7]) > 0)
- {
- dst->sen_dport = atoi(argv[7]);
- msk->sen_dport = 0xffff;
- }
- }
-
- gw->sen_len = SENT_IPSP_LEN;
- gw->sen_family = AF_ENCAP;
- gw->sen_type = SENT_IPSP;
- gw->sen_ipsp_dst.s_addr = inet_addr(argv[8]);
- gw->sen_ipsp_spi = htonl(strtoul(argv[9], NULL, 16));
- gw->sen_ipsp_sproto = proto;
-
- msk->sen_len = SENT_IP4_LEN;
- msk->sen_family = AF_ENCAP;
- msk->sen_type = SENT_IP4;
- msk->sen_ip_src.s_addr = inet_addr(argv[2]);
- msk->sen_ip_dst.s_addr = inet_addr(argv[4]);
-
- rtm->rtm_msglen = sizeof(*rtm) + dst->sen_len + gw->sen_len +
- msk->sen_len;
-
- if (write(sd, (caddr_t) buf, rtm->rtm_msglen) < 0)
- perror("write");
- exit(0);
-}