src - OpenBSD base system

diff options


context:
space:
mode:

author	Markus Friedl <markus@cvs.openbsd.org>	2003-05-11 02:16:55 +0000
committer	Markus Friedl <markus@cvs.openbsd.org>	2003-05-11 02:16:55 +0000
commit	a57beaa3b4c2234d868dc8d7c988b467ed7b4f2d (patch)
tree	27cbb76409c5e1628bad1abe4b2901eee4ec85cb /sbin/isakmpd/pf_key_v2.c
parent	bfb08542bd5613665d425969a4b0af2c6fec3261 (diff)

fix ID-type for ipv6; ok niklas; report fries

Diffstat (limited to 'sbin/isakmpd/pf_key_v2.c')

-rw-r--r--

sbin/isakmpd/pf_key_v2.c

1 files changed, 25 insertions, 9 deletions

diff --git a/sbin/isakmpd/pf_key_v2.c b/sbin/isakmpd/pf_key_v2.c
index 7bbb24766d5..cf84e447df6 100644
--- a/sbin/isakmpd/pf_key_v2.c
+++ b/sbin/isakmpd/pf_key_v2.c

@@ -1,4 +1,4 @@

-/* $OpenBSD: pf_key_v2.c,v 1.124 2003/04/14 10:22:13 ho Exp $ */

+/* $OpenBSD: pf_key_v2.c,v 1.125 2003/05/11 02:16:54 markus Exp $ */

/* $EOM: pf_key_v2.c,v 1.79 2000/12/12 00:33:19 niklas Exp $ */

@@ -2873,6 +2873,7 @@ pf_key_v2_acquire (struct pf_key_v2_msg *pmsg)

struct sadb_protocol *sproto;

char ssflow[ADDRESS_MAX], sdflow[ADDRESS_MAX];

char sdmask[ADDRESS_MAX], ssmask[ADDRESS_MAX];

+ char *sidtype = 0, *didtype = 0;

char lname[100], dname[100], configname[30];

int shostflag = 0, dhostflag = 0;

struct pf_key_v2_node *ext;

@@ -3003,6 +3004,8 @@ pf_key_v2_acquire (struct pf_key_v2_msg *pmsg)

bzero (ssmask, sizeof ssmask);

bzero (sdmask, sizeof sdmask);

+ sidtype = didtype = "IPV4_ADDR_SUBNET"; /* default */

switch (sflow->sa_family)

{

case AF_INET:

@@ -3033,9 +3036,15 @@ pf_key_v2_acquire (struct pf_key_v2_msg *pmsg)

goto fail;

}

if (((struct sockaddr_in *)smask)->sin_addr.s_addr == INADDR_BROADCAST)

- shostflag = 1;

+ {

+ shostflag = 1;

+ sidtype = "IPV4_ADDR";

+ }

if (((struct sockaddr_in *)dmask)->sin_addr.s_addr == INADDR_BROADCAST)

- dhostflag = 1;

+ {

+ dhostflag = 1;

+ didtype = "IPV4_ADDR";

+ }

break;

case AF_INET6:

@@ -3065,10 +3074,17 @@ pf_key_v2_acquire (struct pf_key_v2_msg *pmsg)

log_print ("pf_key_v2_acquire: inet_ntop failed");

goto fail;

}

+ sidtype = didtype = "IPV6_ADDR_SUBNET";

if (IN6_IS_ADDR_FULL (&((struct sockaddr_in6 *)smask)->sin6_addr))

- shostflag = 1;

+ {

+ shostflag = 1;

+ sidtype = "IPV6_ADDR";

+ }

if (IN6_IS_ADDR_FULL (&((struct sockaddr_in6 *)dmask)->sin6_addr))

- dhostflag = 1;

+ {

+ dhostflag = 1;

+ didtype = "IPV6_ADDR";

+ }

break;

}

@@ -3578,7 +3594,7 @@ pf_key_v2_acquire (struct pf_key_v2_msg *pmsg)

if (shostflag)

{

- if (conf_set (af, lname, "ID-type", "IPV4_ADDR", 0, 0)

+ if (conf_set (af, lname, "ID-type", sidtype, 0, 0)

|| conf_set (af, lname, "Address", ssflow, 0, 0))

{

conf_end (af, 0);

@@ -3587,7 +3603,7 @@ pf_key_v2_acquire (struct pf_key_v2_msg *pmsg)

}

else

{

- if (conf_set (af, lname, "ID-type", "IPV4_ADDR_SUBNET", 0, 0)

+ if (conf_set (af, lname, "ID-type", sidtype, 0, 0)

|| conf_set (af, lname, "Network", ssflow, 0, 0)

|| conf_set (af, lname, "Netmask", ssmask, 0, 0))

{

@@ -3637,7 +3653,7 @@ pf_key_v2_acquire (struct pf_key_v2_msg *pmsg)

if (dhostflag)

{

- if (conf_set (af, dname, "ID-type", "IPV4_ADDR", 0, 0)

+ if (conf_set (af, dname, "ID-type", didtype, 0, 0)

|| conf_set (af, dname, "Address", sdflow, 0, 0))

{

conf_end (af, 0);

@@ -3646,7 +3662,7 @@ pf_key_v2_acquire (struct pf_key_v2_msg *pmsg)

}

else

{

- if (conf_set (af, dname, "ID-type", "IPV4_ADDR_SUBNET", 0, 0)

+ if (conf_set (af, dname, "ID-type", didtype, 0, 0)

|| conf_set (af, dname, "Network", sdflow, 0, 0)

|| conf_set (af, dname, "Netmask", sdmask, 0, 0))

{