summaryrefslogtreecommitdiff
path: root/sbin
diff options
context:
space:
mode:
authorMarkus Friedl <markus@cvs.openbsd.org>2003-05-11 02:16:55 +0000
committerMarkus Friedl <markus@cvs.openbsd.org>2003-05-11 02:16:55 +0000
commita57beaa3b4c2234d868dc8d7c988b467ed7b4f2d (patch)
tree27cbb76409c5e1628bad1abe4b2901eee4ec85cb /sbin
parentbfb08542bd5613665d425969a4b0af2c6fec3261 (diff)
fix ID-type for ipv6; ok niklas; report fries
Diffstat (limited to 'sbin')
-rw-r--r--sbin/isakmpd/pf_key_v2.c34
1 files changed, 25 insertions, 9 deletions
diff --git a/sbin/isakmpd/pf_key_v2.c b/sbin/isakmpd/pf_key_v2.c
index 7bbb24766d5..cf84e447df6 100644
--- a/sbin/isakmpd/pf_key_v2.c
+++ b/sbin/isakmpd/pf_key_v2.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: pf_key_v2.c,v 1.124 2003/04/14 10:22:13 ho Exp $ */
+/* $OpenBSD: pf_key_v2.c,v 1.125 2003/05/11 02:16:54 markus Exp $ */
/* $EOM: pf_key_v2.c,v 1.79 2000/12/12 00:33:19 niklas Exp $ */
/*
@@ -2873,6 +2873,7 @@ pf_key_v2_acquire (struct pf_key_v2_msg *pmsg)
struct sadb_protocol *sproto;
char ssflow[ADDRESS_MAX], sdflow[ADDRESS_MAX];
char sdmask[ADDRESS_MAX], ssmask[ADDRESS_MAX];
+ char *sidtype = 0, *didtype = 0;
char lname[100], dname[100], configname[30];
int shostflag = 0, dhostflag = 0;
struct pf_key_v2_node *ext;
@@ -3003,6 +3004,8 @@ pf_key_v2_acquire (struct pf_key_v2_msg *pmsg)
bzero (ssmask, sizeof ssmask);
bzero (sdmask, sizeof sdmask);
+ sidtype = didtype = "IPV4_ADDR_SUBNET"; /* default */
+
switch (sflow->sa_family)
{
case AF_INET:
@@ -3033,9 +3036,15 @@ pf_key_v2_acquire (struct pf_key_v2_msg *pmsg)
goto fail;
}
if (((struct sockaddr_in *)smask)->sin_addr.s_addr == INADDR_BROADCAST)
- shostflag = 1;
+ {
+ shostflag = 1;
+ sidtype = "IPV4_ADDR";
+ }
if (((struct sockaddr_in *)dmask)->sin_addr.s_addr == INADDR_BROADCAST)
- dhostflag = 1;
+ {
+ dhostflag = 1;
+ didtype = "IPV4_ADDR";
+ }
break;
case AF_INET6:
@@ -3065,10 +3074,17 @@ pf_key_v2_acquire (struct pf_key_v2_msg *pmsg)
log_print ("pf_key_v2_acquire: inet_ntop failed");
goto fail;
}
+ sidtype = didtype = "IPV6_ADDR_SUBNET";
if (IN6_IS_ADDR_FULL (&((struct sockaddr_in6 *)smask)->sin6_addr))
- shostflag = 1;
+ {
+ shostflag = 1;
+ sidtype = "IPV6_ADDR";
+ }
if (IN6_IS_ADDR_FULL (&((struct sockaddr_in6 *)dmask)->sin6_addr))
- dhostflag = 1;
+ {
+ dhostflag = 1;
+ didtype = "IPV6_ADDR";
+ }
break;
}
@@ -3578,7 +3594,7 @@ pf_key_v2_acquire (struct pf_key_v2_msg *pmsg)
if (shostflag)
{
- if (conf_set (af, lname, "ID-type", "IPV4_ADDR", 0, 0)
+ if (conf_set (af, lname, "ID-type", sidtype, 0, 0)
|| conf_set (af, lname, "Address", ssflow, 0, 0))
{
conf_end (af, 0);
@@ -3587,7 +3603,7 @@ pf_key_v2_acquire (struct pf_key_v2_msg *pmsg)
}
else
{
- if (conf_set (af, lname, "ID-type", "IPV4_ADDR_SUBNET", 0, 0)
+ if (conf_set (af, lname, "ID-type", sidtype, 0, 0)
|| conf_set (af, lname, "Network", ssflow, 0, 0)
|| conf_set (af, lname, "Netmask", ssmask, 0, 0))
{
@@ -3637,7 +3653,7 @@ pf_key_v2_acquire (struct pf_key_v2_msg *pmsg)
if (dhostflag)
{
- if (conf_set (af, dname, "ID-type", "IPV4_ADDR", 0, 0)
+ if (conf_set (af, dname, "ID-type", didtype, 0, 0)
|| conf_set (af, dname, "Address", sdflow, 0, 0))
{
conf_end (af, 0);
@@ -3646,7 +3662,7 @@ pf_key_v2_acquire (struct pf_key_v2_msg *pmsg)
}
else
{
- if (conf_set (af, dname, "ID-type", "IPV4_ADDR_SUBNET", 0, 0)
+ if (conf_set (af, dname, "ID-type", didtype, 0, 0)
|| conf_set (af, dname, "Network", sdflow, 0, 0)
|| conf_set (af, dname, "Netmask", sdmask, 0, 0))
{