diff options
| author | Niklas Hallqvist <niklas@cvs.openbsd.org> | 1999-07-15 14:56:27 +0000 |
|---|---|---|
| committer | Niklas Hallqvist <niklas@cvs.openbsd.org> | 1999-07-15 14:56:27 +0000 |
| commit | 6f22e9ed30ecef9cb01c901383188eb82544f3f3 (patch) | |
| tree | b6d07f81d9b15f16ca40ad43c8c54e4a90b4469b /sbin/ipsecadm | |
| parent | 979395afc155fdce7da24580d2111026ed357fa7 (diff) | |
SPI 0 is the one we use for demand keying, IANA reserved SPIs are not
allowed
Diffstat (limited to 'sbin/ipsecadm')
| -rw-r--r-- | sbin/ipsecadm/ipsecadm.c | 21 |
1 files changed, 13 insertions, 8 deletions
diff --git a/sbin/ipsecadm/ipsecadm.c b/sbin/ipsecadm/ipsecadm.c index 218a1c21cf5..889d44166fb 100644 --- a/sbin/ipsecadm/ipsecadm.c +++ b/sbin/ipsecadm/ipsecadm.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ipsecadm.c,v 1.20 1999/07/02 23:37:32 deraadt Exp $ */ +/* $OpenBSD: ipsecadm.c,v 1.21 1999/07/15 14:56:26 niklas Exp $ */ /* * The authors of this code are John Ioannidis (ji@tla.org), * Angelos D. Keromytis (kermit@csd.uch.gr) and @@ -206,7 +206,7 @@ main(int argc, char **argv) int auth = 0, enc = 0, klen = 0, alen = 0, mode = ESP_NEW, i = 0; int proto = IPPROTO_ESP, proto2 = IPPROTO_AH; int dport = -1, sport = -1, tproto = -1; - u_int32_t spi = 0, spi2 = 0; + u_int32_t spi = SPI_RESERVED_MIN, spi2 = SPI_RESERVED_MIN; union sockaddr_union src, dst, dst2, osrc, odst, osmask, odmask, proxy; int srcset = 0, dstset = 0, dst2set = 0; u_char *keyp = NULL, *authp = NULL; @@ -469,9 +469,11 @@ main(int argc, char **argv) continue; } - if (!strcmp(argv[i] + 1, "spi") && spi == 0 && (i + 1 < argc)) + if (!strcmp(argv[i] + 1, "spi") && spi == SPI_RESERVED_MIN && + (i + 1 < argc)) { - if ((spi = htonl(strtoul(argv[i + 1], NULL, 16))) == 0) + spi = htonl(strtoul(argv[i + 1], NULL, 16)); + if (spi >= SPI_RESERVED_MIN && spi <= SPI_RESERVED_MAX) { fprintf(stderr, "%s: invalid spi %s\n", argv[0], argv[i + 1]); exit(1); @@ -482,10 +484,12 @@ main(int argc, char **argv) continue; } - if (!strcmp(argv[i] + 1, "spi2") && spi2 == 0 && + if (!strcmp(argv[i] + 1, "spi2") && spi2 == SPI_RESERVED_MIN && (iscmd(mode, GRP_SPI) || iscmd(mode, BINDSA)) && (i + 1 < argc)) { - if ((spi2 = htonl(strtoul(argv[i + 1], NULL, 16))) == 0) + spi2 = htonl(strtoul(argv[i + 1], NULL, 16)); + if (spi2 == SPI_LOCAL_USE || + (spi2 >= SPI_RESERVED_MIN && spi2 <= SPI_RESERVED_MAX)) { fprintf(stderr, "%s: invalid spi2 %s\n", argv[0], argv[i + 1]); exit(1); @@ -885,13 +889,14 @@ main(int argc, char **argv) exit(1); } - if (spi == 0) + if (spi == SPI_RESERVED_MIN) { fprintf(stderr, "%s: no SPI specified\n", argv[0]); exit(1); } - if ((iscmd(mode, GRP_SPI) || iscmd(mode, BINDSA)) && spi2 == 0) + if ((iscmd(mode, GRP_SPI) || iscmd(mode, BINDSA)) && + spi2 == SPI_RESERVED_MIN) { fprintf(stderr, "%s: no SPI2 specified\n", argv[0]); exit(1); |