diff options
| author | Markus Friedl <markus@cvs.openbsd.org> | 2006-06-02 12:29:44 +0000 |
|---|---|---|
| committer | Markus Friedl <markus@cvs.openbsd.org> | 2006-06-02 12:29:44 +0000 |
| commit | b15abbd7eda483de9ad742845e6f720de6e48eca (patch) | |
| tree | b876889fd6bc762541f8bb25feb272cf8900e7c4 /sbin/ipsecctl | |
| parent | e3d531fb8627116efdbfa1792ae7e63ff68aeb23 (diff) | |
print full information about tcpmd5 and ipcomp SAs, too
Diffstat (limited to 'sbin/ipsecctl')
| -rw-r--r-- | sbin/ipsecctl/ipsecctl.h | 3 | ||||
| -rw-r--r-- | sbin/ipsecctl/pfkdump.c | 21 |
2 files changed, 21 insertions, 3 deletions
diff --git a/sbin/ipsecctl/ipsecctl.h b/sbin/ipsecctl/ipsecctl.h index c17c7c59905..d788dc908d3 100644 --- a/sbin/ipsecctl/ipsecctl.h +++ b/sbin/ipsecctl/ipsecctl.h @@ -1,4 +1,4 @@ -/* $OpenBSD: ipsecctl.h,v 1.47 2006/06/02 05:59:31 hshoexer Exp $ */ +/* $OpenBSD: ipsecctl.h,v 1.48 2006/06/02 12:29:43 markus Exp $ */ /* * Copyright (c) 2004, 2005 Hans-Joerg Hoexer <hshoexer@openbsd.org> * @@ -153,6 +153,7 @@ struct ike_mode { extern const struct ipsec_xf authxfs[]; extern const struct ipsec_xf encxfs[]; +extern const struct ipsec_xf compxfs[]; TAILQ_HEAD(dst_group_queue, ipsec_rule); diff --git a/sbin/ipsecctl/pfkdump.c b/sbin/ipsecctl/pfkdump.c index 4503a6b29f2..f4e3f92e6fb 100644 --- a/sbin/ipsecctl/pfkdump.c +++ b/sbin/ipsecctl/pfkdump.c @@ -1,4 +1,4 @@ -/* $OpenBSD: pfkdump.c,v 1.17 2006/06/02 04:14:51 hshoexer Exp $ */ +/* $OpenBSD: pfkdump.c,v 1.18 2006/06/02 12:29:43 markus Exp $ */ /* * Copyright (c) 2003 Markus Friedl. All rights reserved. @@ -630,7 +630,24 @@ pfkey_print_sa(struct sadb_msg *msg, int opts) parse_addr(extensions[SADB_EXT_ADDRESS_DST], &dst); r.src = &src; r.dst = &dst; - if (sa->sadb_sa_encrypt || sa->sadb_sa_encrypt) { + if (r.satype == IPSEC_IPCOMP) { + if (sa->sadb_sa_encrypt) { + bzero(&xfs, sizeof xfs); + r.xfs = &xfs; + switch (sa->sadb_sa_encrypt) { + case SADB_X_CALG_DEFLATE: + xfs.encxf = &compxfs[COMPXF_DEFLATE]; + break; + case SADB_X_CALG_LZS: + xfs.encxf = &compxfs[COMPXF_LZS]; + break; + } + } + } else if (r.satype == IPSEC_TCPMD5) { + bzero(&authkey, sizeof authkey); + parse_key(extensions[SADB_EXT_KEY_AUTH], &authkey); + r.authkey = &authkey; + } else if (sa->sadb_sa_encrypt || sa->sadb_sa_encrypt) { bzero(&xfs, sizeof xfs); r.xfs = &xfs; if (sa->sadb_sa_encrypt) { |