summaryrefslogtreecommitdiff
path: root/usr.sbin
diff options
context:
space:
mode:
authorHenning Brauer <henning@cvs.openbsd.org>2004-04-27 23:20:43 +0000
committerHenning Brauer <henning@cvs.openbsd.org>2004-04-27 23:20:43 +0000
commit2b98373c81bfe89360ce74ca4e1b09e54b922615 (patch)
tree699ee5699e627e2ab02f195e9cbd4d372fcfa1d3 /usr.sbin
parenta6add13769218316563169cfbb71743496c967ef (diff)
teach printconf about all this shiny new ipsec stuff
Diffstat (limited to 'usr.sbin')
-rw-r--r--usr.sbin/bgpd/printconf.c46
1 files changed, 45 insertions, 1 deletions
diff --git a/usr.sbin/bgpd/printconf.c b/usr.sbin/bgpd/printconf.c
index 745b7d189b8..b7898fdefa0 100644
--- a/usr.sbin/bgpd/printconf.c
+++ b/usr.sbin/bgpd/printconf.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: printconf.c,v 1.14 2004/04/27 22:42:13 henning Exp $ */
+/* $OpenBSD: printconf.c,v 1.15 2004/04/27 23:20:42 henning Exp $ */
/*
* Copyright (c) 2003, 2004 Henning Brauer <henning@openbsd.org>
@@ -27,6 +27,8 @@ void print_set(struct filter_set *);
void print_mainconf(struct bgpd_config *);
void print_network(struct network_config *);
void print_peer(struct peer_config *);
+const char *print_auth_alg(u_int8_t);
+const char *print_enc_alg(u_int8_t);
void print_rule(struct peer *, struct filter_rule *);
const char * mrt_type(enum mrt_type);
void print_mrt(u_int32_t, u_int32_t, const char *);
@@ -165,8 +167,24 @@ print_peer(struct peer_config *p)
printf("%s\tannounce all\n", c);
else
printf("%s\tannounce ???\n", c);
+
if (p->auth.method == MD5SIG)
printf("%s\ttcp md5sig\n", c);
+ else if (p->auth.method == IPSEC_MANUAL_ESP) {
+ printf("%s\tipsec esp in spi %u %s XXXXXX", c, p->auth.spi_in,
+ print_auth_alg(p->auth.auth_alg_in));
+ if (p->auth.enc_alg_in)
+ printf(" %s XXXXXX", print_enc_alg(p->auth.enc_alg_in));
+ printf("\n");
+
+ printf("%s\tipsec esp out spi %u %s XXXXXX", c, p->auth.spi_out,
+ print_auth_alg(p->auth.auth_alg_out));
+ if (p->auth.enc_alg_out)
+ printf(" %s XXXXXX",
+ print_enc_alg(p->auth.enc_alg_out));
+ printf("\n");
+ } else if (p->auth.method == IPSEC_IKE)
+ printf("%s\tipsec ike\n", c);
if (p->attrset.flags)
printf("%s\t", c);
@@ -181,6 +199,32 @@ print_peer(struct peer_config *p)
printf("}\n");
}
+const char *
+print_auth_alg(u_int8_t alg)
+{
+ switch (alg) {
+ case SADB_AALG_SHA1HMAC:
+ return ("sha1");
+ case SADB_AALG_MD5HMAC:
+ return ("md5");
+ default:
+ return ("???");
+ }
+}
+
+const char *
+print_enc_alg(u_int8_t alg)
+{
+ switch (alg) {
+ case SADB_EALG_3DESCBC:
+ return ("3des");
+ case SADB_X_EALG_AES:
+ return ("aes");
+ default:
+ return ("???");
+ }
+}
+
void
print_rule(struct peer *peer_l, struct filter_rule *r)
{