Reflect setsockopt changes. May need further mods for KAME IPsecs.

1 files changed, 18 insertions, 4 deletions

diff --git a/sbin/isakmpd/sysdep/bsdi/sysdep.c b/sbin/isakmpd/sysdep/bsdi/sysdep.c
index b5535b84f38..f485ac36ea4 100644
--- a/sbin/isakmpd/sysdep/bsdi/sysdep.c
+++ b/sbin/isakmpd/sysdep/bsdi/sysdep.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: sysdep.c,v 1.4 2001/06/29 19:08:12 ho Exp $	*/
+/*	$OpenBSD: sysdep.c,v 1.5 2001/06/29 22:12:55 ho Exp $	*/
 
 /*
  * Copyright (c) 1998, 1999 Niklas Hallqvist.  All rights reserved.
@@ -122,15 +122,29 @@ sysdep_ipsec_get_spi (size_t *sz, u_int8_t proto, struct sockaddr *src,
 
 /* Force communication on socket FD to go in the clear.  */
 int
-sysdep_cleartext (int fd)
+sysdep_cleartext (int fd, int af)
 {
   char *buf;
   char *policy[] = { "in bypass", "out bypass", NULL };
   char **p;
+  int ipp;
 
   if (app_none)
     return 0;
 
+  switch (af)
+    {
+    case AF_INET:
+      ipp = IPPROTO_IP;
+      break;
+    case AF_INET6:
+      ipp = IPPROTO_IPV6;
+      break;
+    default:
+      log_print ("sysdep_cleartext: unsupported protocol family %d", af);
+      return -1;
+    }
+
   /*
    * Need to bypass system security policy, so I can send and
    * receive key management datagrams in the clear.
@@ -145,8 +159,8 @@ sysdep_cleartext (int fd)
 	  return -1;
 	}
 
-      if (setsockopt(fd, IPPROTO_IP, IP_IPSEC_POLICY, buf,
-		       ipsec_get_policylen(buf)) < 0)
+      if (setsockopt(fd, ipp, IP_IPSEC_POLICY, buf,
+		     ipsec_get_policylen(buf)) < 0)
 	{
 	  log_error ("sysdep_cleartext: "
 		     "setsockopt (%d, IPPROTO_IP, IP_IPSEC_POLICY, ...) failed",