summaryrefslogtreecommitdiff
path: root/sbin/ipsecctl/pfkdump.c
diff options
context:
space:
mode:
authorMarkus Friedl <markus@cvs.openbsd.org>2007-01-03 12:17:44 +0000
committerMarkus Friedl <markus@cvs.openbsd.org>2007-01-03 12:17:44 +0000
commit93e8aa55dd50b47672de31b3b779d3bbcbfd0949 (patch)
tree715a0ae33b3d42879fe996e0546cf2ccf67f7fa7 /sbin/ipsecctl/pfkdump.c
parent8f2a7094ed1bf1b16d6d21f6060e5890a0a10cc4 (diff)
do not print secret keys by default, -k restores old behaviour; ok hshoexer
Diffstat (limited to 'sbin/ipsecctl/pfkdump.c')
-rw-r--r--sbin/ipsecctl/pfkdump.c7
1 files changed, 5 insertions, 2 deletions
diff --git a/sbin/ipsecctl/pfkdump.c b/sbin/ipsecctl/pfkdump.c
index 461ec13882b..bcfa10bd5f6 100644
--- a/sbin/ipsecctl/pfkdump.c
+++ b/sbin/ipsecctl/pfkdump.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: pfkdump.c,v 1.23 2006/11/24 13:52:13 reyk Exp $ */
+/* $OpenBSD: pfkdump.c,v 1.24 2007/01/03 12:17:43 markus Exp $ */
/*
* Copyright (c) 2003 Markus Friedl. All rights reserved.
@@ -618,7 +618,10 @@ pfkey_print_sa(struct sadb_msg *msg, int opts)
setup_extensions(msg);
sa = (struct sadb_sa *)extensions[SADB_EXT_SA];
-
+ if (!(opts & IPSECCTL_OPT_SHOWKEY)) {
+ extensions[SADB_EXT_KEY_AUTH] = NULL;
+ extensions[SADB_EXT_KEY_ENCRYPT] = NULL;
+ }
bzero(&r, sizeof r);
r.type |= RULE_SA;
r.tmode = (msg->sadb_msg_satype != SADB_X_SATYPE_TCPSIGNATURE) &&
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-27 11:45:13 +0000