diff options
| author | Henning Brauer <henning@cvs.openbsd.org> | 2004-04-28 04:34:47 +0000 |
|---|---|---|
| committer | Henning Brauer <henning@cvs.openbsd.org> | 2004-04-28 04:34:47 +0000 |
| commit | a74a7b8c8a2841ed40215b8f990ca2f8b09de85a (patch) | |
| tree | a6c1efbed83699593a193c5e5de1a9308d14099e /usr.sbin/bgpd/parse.y | |
| parent | 183225a9e752d6018c473b05da7adc109f23d825 (diff) | |
allow ah/esp spec with IKE, markus ok
Diffstat (limited to 'usr.sbin/bgpd/parse.y')
| -rw-r--r-- | usr.sbin/bgpd/parse.y | 13 |
1 files changed, 10 insertions, 3 deletions
diff --git a/usr.sbin/bgpd/parse.y b/usr.sbin/bgpd/parse.y index 3856d48178f..4bfae60852e 100644 --- a/usr.sbin/bgpd/parse.y +++ b/usr.sbin/bgpd/parse.y @@ -1,4 +1,4 @@ -/* $OpenBSD: parse.y,v 1.94 2004/04/28 01:36:56 henning Exp $ */ +/* $OpenBSD: parse.y,v 1.95 2004/04/28 04:34:46 henning Exp $ */ /* * Copyright (c) 2002, 2003, 2004 Henning Brauer <henning@openbsd.org> @@ -558,12 +558,19 @@ peeropts : REMOTEAS asnumber { curpeer->conf.auth.method = AUTH_MD5SIG; free($4); } - | IPSEC IKE { + | IPSEC ESP IKE { if (curpeer->conf.auth.method) { yyerror("auth method cannot be redefined"); YYERROR; } - curpeer->conf.auth.method = AUTH_IPSEC_IKE; + curpeer->conf.auth.method = AUTH_IPSEC_IKE_ESP; + } + | IPSEC AH IKE { + if (curpeer->conf.auth.method) { + yyerror("auth method cannot be redefined"); + YYERROR; + } + curpeer->conf.auth.method = AUTH_IPSEC_IKE_AH; } | IPSEC ESP inout SPI number STRING STRING encspec { unsigned i; |