summaryrefslogtreecommitdiff
path: root/sbin/isakmpd
diff options
context:
space:
mode:
Diffstat (limited to 'sbin/isakmpd')
-rw-r--r--sbin/isakmpd/Makefile14
-rw-r--r--sbin/isakmpd/exchange.c20
-rw-r--r--sbin/isakmpd/features/aggressive32
-rw-r--r--sbin/isakmpd/features/dpd27
-rw-r--r--sbin/isakmpd/features/isakmp_cfg31
-rw-r--r--sbin/isakmpd/ike_phase_1.c8
-rw-r--r--sbin/isakmpd/ipsec.c22
-rw-r--r--sbin/isakmpd/ipsec.h6
-rw-r--r--sbin/isakmpd/isakmp_doi.c4
-rw-r--r--sbin/isakmpd/message.c16
-rw-r--r--sbin/isakmpd/message.h4
-rw-r--r--sbin/isakmpd/sa.c8
-rw-r--r--sbin/isakmpd/sa.h4
13 files changed, 17 insertions, 179 deletions
diff --git a/sbin/isakmpd/Makefile b/sbin/isakmpd/Makefile
index 9db0922e988..769682ebb4d 100644
--- a/sbin/isakmpd/Makefile
+++ b/sbin/isakmpd/Makefile
@@ -1,4 +1,4 @@
-# $OpenBSD: Makefile,v 1.65 2005/04/08 16:41:54 deraadt Exp $
+# $OpenBSD: Makefile,v 1.66 2005/04/08 16:52:41 deraadt Exp $
# $EOM: Makefile,v 1.78 2000/10/15 21:33:42 niklas Exp $
#
@@ -44,10 +44,10 @@ OS= openbsd
#OS= bsdi
# Compile-time configuration of otherwise optional features
-#FEATURES+= policy aggressive debug gmp
-#FEATURES+= rawkey isakmp_cfg dnssec dpd
-FEATURES+= policy aggressive debug
-FEATURES+= rawkey isakmp_cfg dpd
+#FEATURES+= policy debug gmp
+#FEATURES+= rawkey dnssec
+FEATURES+= policy debug
+FEATURES+= rawkey
.PATH: ${.CURDIR}/sysdep/${OS}
@@ -150,8 +150,8 @@ LDADD+= -ldes
DPADD+= ${LIBDES}
.endif
-SRCS+= ${IPSEC_SRCS} ${POLICY} math_ec2n.c ${AGGRESSIVE} ${DNSSEC} \
- ${ISAKMP_CFG} ${DPD} monitor.c monitor_fdpass.c \
+SRCS+= ${IPSEC_SRCS} ${POLICY} math_ec2n.c ${DNSSEC} \
+ ike_aggressive.c isakmp_cfg.c dpd.c monitor.c monitor_fdpass.c \
nat_traversal.c udp_encap.c
CFLAGS+= ${IPSEC_CFLAGS} ${DNSSEC_CFLAGS}
diff --git a/sbin/isakmpd/exchange.c b/sbin/isakmpd/exchange.c
index c8270dbf8e5..58ad0770537 100644
--- a/sbin/isakmpd/exchange.c
+++ b/sbin/isakmpd/exchange.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: exchange.c,v 1.114 2005/04/08 16:37:14 deraadt Exp $ */
+/* $OpenBSD: exchange.c,v 1.115 2005/04/08 16:52:41 deraadt Exp $ */
/* $EOM: exchange.c,v 1.143 2000/12/04 00:02:25 angelos Exp $ */
/*
@@ -50,9 +50,7 @@
#include "exchange.h"
#include "ipsec_num.h"
#include "isakmp.h"
-#ifdef USE_ISAKMP_CFG
#include "isakmp_cfg.h"
-#endif
#include "libcrypto.h"
#include "log.h"
#include "message.h"
@@ -142,7 +140,6 @@ int16_t script_authentication_only[] = {
EXCHANGE_SCRIPT_END
};
-#ifdef USE_AGGRESSIVE
int16_t script_aggressive[] = {
ISAKMP_PAYLOAD_SA, /* Initiator -> responder. */
ISAKMP_PAYLOAD_KEY_EXCH,
@@ -158,7 +155,6 @@ int16_t script_aggressive[] = {
EXCHANGE_SCRIPT_AUTH, /* Initiator -> responder. */
EXCHANGE_SCRIPT_END
};
-#endif /* USE_AGGRESSIVE */
int16_t script_informational[] = {
EXCHANGE_SCRIPT_INFO, /* Initiator -> responder. */
@@ -179,16 +175,12 @@ exchange_script(struct exchange *exchange)
return script_identity_protection;
case ISAKMP_EXCH_AUTH_ONLY:
return script_authentication_only;
-#ifdef USE_AGGRESSIVE
case ISAKMP_EXCH_AGGRESSIVE:
return script_aggressive;
-#endif
case ISAKMP_EXCH_INFO:
return script_informational;
-#ifdef USE_ISAKMP_CFG
case ISAKMP_EXCH_TRANSACTION:
return script_transaction;
-#endif
default:
if (exchange->type >= ISAKMP_EXCH_DOI_MIN)
return exchange->doi->exchange_script(exchange->type);
@@ -710,7 +702,6 @@ exchange_add_finalization(struct exchange *exchange,
exchange->finalize_arg = node;
}
-#ifdef USE_ISAKMP_CFG
static void
exchange_establish_transaction(struct exchange *exchange, void *arg, int fail)
{
@@ -725,7 +716,6 @@ exchange_establish_transaction(struct exchange *exchange, void *arg, int fail)
free(node);
}
-#endif /* USE_ISAKMP_CFG */
/* Establish a phase 1 exchange. */
void
@@ -735,10 +725,8 @@ exchange_establish_p1(struct transport *t, u_int8_t type, u_int32_t doi,
{
struct exchange *exchange;
struct message *msg;
-#ifdef USE_ISAKMP_CFG
struct conf_list *flags;
struct conf_list_node *flag;
-#endif
char *tag = 0;
char *str;
@@ -802,7 +790,6 @@ exchange_establish_p1(struct transport *t, u_int8_t type, u_int32_t doi,
if (!exchange->policy && name)
exchange->policy = CONF_DFLT_TAG_PHASE1_CONFIG;
-#ifdef USE_ISAKMP_CFG
if (name && (flags = conf_get_list(name, "Flags")) != NULL) {
for (flag = TAILQ_FIRST(&flags->fields); flag;
flag = TAILQ_NEXT(flag, link))
@@ -831,7 +818,6 @@ exchange_establish_p1(struct transport *t, u_int8_t type, u_int32_t doi,
}
conf_free_list(flags);
}
-#endif /* USE_ISAKMP_CFG */
exchange_add_finalization(exchange, finalize, arg);
cookie_gen(t, exchange, exchange->cookies, ISAKMP_HDR_ICOOKIE_LEN);
@@ -988,10 +974,8 @@ exchange_setup_p1(struct message *msg, u_int32_t doi)
struct transport *t = msg->transport;
struct exchange *exchange;
struct sockaddr *dst;
-#ifdef USE_ISAKMP_CFG
struct conf_list *flags;
struct conf_list_node *flag;
-#endif
char *name = 0, *policy = 0, *str;
u_int32_t want_doi;
u_int8_t type;
@@ -1083,7 +1067,6 @@ exchange_setup_p1(struct message *msg, u_int32_t doi)
}
exchange->policy = policy;
-#ifdef USE_ISAKMP_CFG
if (name && (flags = conf_get_list(name, "Flags")) != NULL) {
for (flag = TAILQ_FIRST(&flags->fields); flag;
flag = TAILQ_NEXT(flag, link))
@@ -1111,7 +1094,6 @@ exchange_setup_p1(struct message *msg, u_int32_t doi)
}
conf_free_list(flags);
}
-#endif
cookie_gen(msg->transport, exchange, exchange->cookies +
ISAKMP_HDR_ICOOKIE_LEN, ISAKMP_HDR_RCOOKIE_LEN);
diff --git a/sbin/isakmpd/features/aggressive b/sbin/isakmpd/features/aggressive
deleted file mode 100644
index 945678c53a6..00000000000
--- a/sbin/isakmpd/features/aggressive
+++ /dev/null
@@ -1,32 +0,0 @@
-# $OpenBSD: aggressive,v 1.4 2003/06/03 14:29:41 ho Exp $
-# $EOM: aggressive,v 1.3 2000/02/20 16:38:15 niklas Exp $
-
-#
-# Copyright (c) 2000 Niklas Hallqvist. All rights reserved.
-#
-# Redistribution and use in source and binary forms, with or without
-# modification, are permitted provided that the following conditions
-# are met:
-# 1. Redistributions of source code must retain the above copyright
-# notice, this list of conditions and the following disclaimer.
-# 2. Redistributions in binary form must reproduce the above copyright
-# notice, this list of conditions and the following disclaimer in the
-# documentation and/or other materials provided with the distribution.
-#
-# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
-# IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
-# OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
-# IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
-# INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-# NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
-# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
-# THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
-# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
-# THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-#
-
-#
-# This code was written under funding by Wireless Networks Inc.
-#
-
-AGGRESSIVE= ike_aggressive.c
diff --git a/sbin/isakmpd/features/dpd b/sbin/isakmpd/features/dpd
deleted file mode 100644
index 155ce682407..00000000000
--- a/sbin/isakmpd/features/dpd
+++ /dev/null
@@ -1,27 +0,0 @@
-# $OpenBSD: dpd,v 1.1 2004/06/20 15:20:07 ho Exp $
-
-#
-# Copyright (c) 2004 Håkan Olsson. All rights reserved.
-#
-# Redistribution and use in source and binary forms, with or without
-# modification, are permitted provided that the following conditions
-# are met:
-# 1. Redistributions of source code must retain the above copyright
-# notice, this list of conditions and the following disclaimer.
-# 2. Redistributions in binary form must reproduce the above copyright
-# notice, this list of conditions and the following disclaimer in the
-# documentation and/or other materials provided with the distribution.
-#
-# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
-# IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
-# OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
-# IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
-# INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-# NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
-# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
-# THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
-# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
-# THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-#
-
-DPD= dpd.c
diff --git a/sbin/isakmpd/features/isakmp_cfg b/sbin/isakmpd/features/isakmp_cfg
deleted file mode 100644
index 55710fcfa84..00000000000
--- a/sbin/isakmpd/features/isakmp_cfg
+++ /dev/null
@@ -1,31 +0,0 @@
-# $OpenBSD: isakmp_cfg,v 1.2 2003/06/03 14:29:41 ho Exp $
-
-#
-# Copyright (c) 2001 Niklas Hallqvist. All rights reserved.
-#
-# Redistribution and use in source and binary forms, with or without
-# modification, are permitted provided that the following conditions
-# are met:
-# 1. Redistributions of source code must retain the above copyright
-# notice, this list of conditions and the following disclaimer.
-# 2. Redistributions in binary form must reproduce the above copyright
-# notice, this list of conditions and the following disclaimer in the
-# documentation and/or other materials provided with the distribution.
-#
-# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
-# IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
-# OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
-# IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
-# INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-# NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
-# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
-# THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
-# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
-# THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-#
-
-#
-# This code was written under funding by Gatespace (http://www.gatespace.com/).
-#
-
-ISAKMP_CFG= isakmp_cfg.c
diff --git a/sbin/isakmpd/ike_phase_1.c b/sbin/isakmpd/ike_phase_1.c
index 8c56ec7fa11..937e4c386fd 100644
--- a/sbin/isakmpd/ike_phase_1.c
+++ b/sbin/isakmpd/ike_phase_1.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ike_phase_1.c,v 1.60 2005/04/08 16:37:14 deraadt Exp $ */
+/* $OpenBSD: ike_phase_1.c,v 1.61 2005/04/08 16:52:41 deraadt Exp $ */
/* $EOM: ike_phase_1.c,v 1.31 2000/12/11 23:47:56 niklas Exp $ */
/*
@@ -45,9 +45,7 @@
#include "crypto.h"
#include "dh.h"
#include "doi.h"
-#ifdef USE_DPD
#include "dpd.h"
-#endif
#include "exchange.h"
#include "hash.h"
#include "ike_auth.h"
@@ -366,11 +364,9 @@ ike_phase_1_initiator_send_SA(struct message *msg)
if (nat_t_add_vendor_payloads(msg))
goto bail_out;
-#if defined (USE_DPD)
/* Advertise DPD capability. */
if (dpd_add_vendor_payload(msg))
goto bail_out;
-#endif
conf_free_list(conf);
free(transform);
@@ -528,11 +524,9 @@ ike_phase_1_responder_send_SA(struct message *msg)
if (nat_t_add_vendor_payloads(msg))
return -1;
-#if defined (USE_DPD)
/* Advertise DPD capability. */
if (dpd_add_vendor_payload(msg))
return -1;
-#endif
return 0;
}
diff --git a/sbin/isakmpd/ipsec.c b/sbin/isakmpd/ipsec.c
index ef54cfe8161..32be08d061a 100644
--- a/sbin/isakmpd/ipsec.c
+++ b/sbin/isakmpd/ipsec.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ipsec.c,v 1.114 2005/04/08 16:37:14 deraadt Exp $ */
+/* $OpenBSD: ipsec.c,v 1.115 2005/04/08 16:52:41 deraadt Exp $ */
/* $EOM: ipsec.c,v 1.143 2000/12/11 23:57:42 niklas Exp $ */
/*
@@ -47,9 +47,7 @@
#include "crypto.h"
#include "dh.h"
#include "doi.h"
-#if defined (USE_DPD)
#include "dpd.h"
-#endif
#include "exchange.h"
#include "hash.h"
#include "ike_aggressive.h"
@@ -592,9 +590,7 @@ static void
ipsec_free_exchange_data(void *vie)
{
struct ipsec_exch *ie = vie;
-#ifdef USE_ISAKMP_CFG
struct isakmp_cfg_attr *attr;
-#endif
if (ie->sa_i_b)
free(ie->sa_i_b);
@@ -622,7 +618,6 @@ ipsec_free_exchange_data(void *vie)
free(ie->hash_r);
if (ie->group)
group_free(ie->group);
-#ifdef USE_ISAKMP_CFG
for (attr = LIST_FIRST(&ie->attrs); attr;
attr = LIST_FIRST(&ie->attrs)) {
LIST_REMOVE(attr, link);
@@ -630,7 +625,6 @@ ipsec_free_exchange_data(void *vie)
free(attr->value);
free(attr);
}
-#endif
}
/* Free the DOI-specific SA data pointed to by VISA. */
@@ -670,10 +664,8 @@ static int16_t *
ipsec_exchange_script(u_int8_t type)
{
switch (type) {
-#ifdef USE_ISAKMP_CFG
- case ISAKMP_EXCH_TRANSACTION:
+ case ISAKMP_EXCH_TRANSACTION:
return script_transaction;
-#endif
case IKE_EXCH_QUICK_MODE:
return script_quick_mode;
case IKE_EXCH_NEW_GROUP_MODE:
@@ -923,16 +915,12 @@ ipsec_initiator(struct message *msg)
case ISAKMP_EXCH_ID_PROT:
script = ike_main_mode_initiator;
break;
-#ifdef USE_AGGRESSIVE
case ISAKMP_EXCH_AGGRESSIVE:
script = ike_aggressive_initiator;
break;
-#endif
-#ifdef USE_ISAKMP_CFG
case ISAKMP_EXCH_TRANSACTION:
script = isakmp_cfg_initiator;
break;
-#endif
case ISAKMP_EXCH_INFO:
return message_send_info(msg);
case IKE_EXCH_QUICK_MODE:
@@ -1020,16 +1008,12 @@ ipsec_responder(struct message *msg)
case ISAKMP_EXCH_ID_PROT:
script = ike_main_mode_responder;
break;
-#ifdef USE_AGGRESSIVE
case ISAKMP_EXCH_AGGRESSIVE:
script = ike_aggressive_responder;
break;
-#endif
-#ifdef USE_ISAKMP_CFG
case ISAKMP_EXCH_TRANSACTION:
script = isakmp_cfg_responder;
break;
-#endif
case ISAKMP_EXCH_INFO:
for (p = payload_first(msg, ISAKMP_PAYLOAD_NOTIFY); p;
p = TAILQ_NEXT(p, link)) {
@@ -1043,12 +1027,10 @@ ipsec_responder(struct message *msg)
/* Handled by leftover logic. */
break;
-#if defined (USE_DPD)
case ISAKMP_NOTIFY_STATUS_DPD_R_U_THERE:
case ISAKMP_NOTIFY_STATUS_DPD_R_U_THERE_ACK:
dpd_handle_notify(msg, p);
break;
-#endif
default:
p->flags |= PL_MARK;
diff --git a/sbin/isakmpd/ipsec.h b/sbin/isakmpd/ipsec.h
index 1b3c9963c1f..0dc74dee49f 100644
--- a/sbin/isakmpd/ipsec.h
+++ b/sbin/isakmpd/ipsec.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: ipsec.h,v 1.24 2004/05/23 18:17:56 hshoexer Exp $ */
+/* $OpenBSD: ipsec.h,v 1.25 2005/04/08 16:52:41 deraadt Exp $ */
/* $EOM: ipsec.h,v 1.42 2000/12/03 07:58:20 angelos Exp $ */
/*
@@ -39,9 +39,7 @@
#include <netinet/in.h>
#include "ipsec_doi.h"
-#ifdef USE_ISAKMP_CFG
#include "isakmp_cfg.h"
-#endif
struct group;
struct hash;
@@ -99,12 +97,10 @@ struct ipsec_exch {
u_int8_t *id_cr;
size_t id_cr_sz;
-#ifdef USE_ISAKMP_CFG
/* ISAKMP configuration mode parameters */
u_int16_t cfg_id;
u_int16_t cfg_type;
LIST_HEAD(isakmp_cfg_attr_head, isakmp_cfg_attr) attrs;
-#endif
};
#define IPSEC_EXCH_FLAG_NO_ID 1
diff --git a/sbin/isakmpd/isakmp_doi.c b/sbin/isakmpd/isakmp_doi.c
index 2fc8c1dab4c..b819f768a2c 100644
--- a/sbin/isakmpd/isakmp_doi.c
+++ b/sbin/isakmpd/isakmp_doi.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: isakmp_doi.c,v 1.22 2004/06/20 17:17:35 ho Exp $ */
+/* $OpenBSD: isakmp_doi.c,v 1.23 2005/04/08 16:52:41 deraadt Exp $ */
/* $EOM: isakmp_doi.c,v 1.42 2000/09/12 16:29:41 ho Exp $ */
/*
@@ -247,10 +247,8 @@ isakmp_responder(struct message *msg)
}
return 0;
-#ifdef USE_ISAKMP_CFG
case ISAKMP_EXCH_TRANSACTION:
/* return 0 isakmp_cfg_responder (msg); */
-#endif /* USE_ISAKMP_CFG */
default:
/* XXX So far we don't accept any proposals. */
diff --git a/sbin/isakmpd/message.c b/sbin/isakmpd/message.c
index ddfd567be05..1ca73aaa607 100644
--- a/sbin/isakmpd/message.c
+++ b/sbin/isakmpd/message.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: message.c,v 1.103 2005/04/08 16:37:14 deraadt Exp $ */
+/* $OpenBSD: message.c,v 1.104 2005/04/08 16:52:41 deraadt Exp $ */
/* $EOM: message.c,v 1.156 2000/10/10 12:36:39 provos Exp $ */
/*
@@ -45,9 +45,7 @@
#include "constants.h"
#include "crypto.h"
#include "doi.h"
-#ifdef USE_DPD
#include "dpd.h"
-#endif
#include "exchange.h"
#include "field.h"
#include "hash.h"
@@ -476,7 +474,6 @@ message_payload_sz(u_int8_t payload)
static int
message_validate_attribute(struct message *msg, struct payload *p)
{
-#ifdef USE_ISAKMP_CFG
/* If we don't have an exchange yet, create one. */
if (!msg->exchange) {
if (zero_test((u_int8_t *) msg->iov[0].iov_base +
@@ -493,7 +490,6 @@ message_validate_attribute(struct message *msg, struct payload *p)
return -1;
}
}
-#endif
return 0;
}
@@ -1099,9 +1095,7 @@ message_validate_vendor(struct message *msg, struct payload *p)
message_drop(msg, ISAKMP_NOTIFY_INVALID_PAYLOAD_TYPE, 0, 1, 1);
return -1;
}
-#if defined (USE_DPD)
dpd_check_vendor_payload(msg, p);
-#endif
nat_t_check_vendor_payload(msg, p);
if (!(p->flags & PL_MARK))
LOG_DBG((LOG_MESSAGE, 40, "message_validate_vendor: "
@@ -1644,13 +1638,11 @@ struct info_args {
u_int16_t nspis;
u_int8_t *spis;
} d;
-#if defined (USE_DPD)
struct {
u_int16_t msg_type;
u_int8_t *spi;
u_int32_t seq;
} dpd;
-#endif
} u;
};
@@ -1723,7 +1715,6 @@ message_send_delete(struct sa *sa)
}
}
-#if defined (USE_DPD)
void
message_send_dpd_notify(struct sa* isakmp_sa, u_int16_t notify, u_int32_t seq)
{
@@ -1739,7 +1730,6 @@ message_send_dpd_notify(struct sa* isakmp_sa, u_int16_t notify, u_int32_t seq)
exchange_establish_p2(isakmp_sa, ISAKMP_EXCH_INFO, 0, &args, 0, 0);
}
-#endif
/* Build the informational message into MSG. */
int
@@ -1756,11 +1746,9 @@ message_send_info(struct message *msg)
return -1;
switch (args->discr) {
-#if defined (USE_DPD)
case 'P':
sz = sizeof args->u.dpd.seq;
/* FALLTHROUGH */
-#endif
case 'N':
sz += ISAKMP_NOTIFY_SPI_OFF + args->spi_sz;
break;
@@ -1778,12 +1766,10 @@ message_send_info(struct message *msg)
return -1;
}
switch (args->discr) {
-#if defined (USE_DPD)
case 'P':
memcpy(buf + ISAKMP_NOTIFY_SPI_OFF + args->spi_sz,
&args->u.dpd.seq, sizeof args->u.dpd.seq);
/* FALLTHROUGH */
-#endif
case 'N':
/* Build the NOTIFY payload. */
payload = ISAKMP_PAYLOAD_NOTIFY;
diff --git a/sbin/isakmpd/message.h b/sbin/isakmpd/message.h
index 14b1d9a9977..f7b15d8d09f 100644
--- a/sbin/isakmpd/message.h
+++ b/sbin/isakmpd/message.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: message.h,v 1.22 2004/08/10 15:59:10 ho Exp $ */
+/* $OpenBSD: message.h,v 1.23 2005/04/08 16:52:41 deraadt Exp $ */
/* $EOM: message.h,v 1.51 2000/10/10 12:36:39 provos Exp $ */
/*
@@ -198,8 +198,6 @@ extern void message_setup_header(struct message *, u_int8_t, u_int8_t,
struct payload *payload_first(struct message *, u_int8_t);
struct payload *payload_last(struct message *, u_int8_t);
-#if defined (USE_DPD)
extern void message_send_dpd_notify(struct sa*, u_int16_t, u_int32_t);
-#endif
#endif /* _MESSAGE_H_ */
diff --git a/sbin/isakmpd/sa.c b/sbin/isakmpd/sa.c
index a7562298677..a09ac8c07ec 100644
--- a/sbin/isakmpd/sa.c
+++ b/sbin/isakmpd/sa.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sa.c,v 1.94 2005/04/08 16:37:15 deraadt Exp $ */
+/* $OpenBSD: sa.c,v 1.95 2005/04/08 16:52:41 deraadt Exp $ */
/* $EOM: sa.c,v 1.112 2000/12/12 00:22:52 niklas Exp $ */
/*
@@ -723,12 +723,10 @@ sa_free(struct sa *sa)
sa->soft_death = 0;
sa->refcnt--;
}
-#if defined (USE_DPD)
if (sa->dpd_event) {
timer_remove_event(sa->dpd_event);
sa->dpd_event = 0;
}
-#endif
sa_remove(sa);
}
@@ -801,10 +799,8 @@ sa_release(struct sa *sa)
free(sa->keystate);
if (sa->nat_t_keepalive)
timer_remove_event(sa->nat_t_keepalive);
-#if defined (USE_DPD)
if (sa->dpd_event)
timer_remove_event(sa->dpd_event);
-#endif
if (sa->transport)
transport_release(sa->transport);
free(sa);
@@ -1185,12 +1181,10 @@ sa_mark_replaced(struct sa *sa)
{
LOG_DBG((LOG_SA, 60, "sa_mark_replaced: SA %p (%s) marked as replaced",
sa, sa->name ? sa->name : "unnamed"));
-#if defined (USE_DPD)
if (sa->dpd_event) {
timer_remove_event(sa->dpd_event);
sa->dpd_event = 0;
}
-#endif
sa->flags |= SA_FLAG_REPLACED;
}
diff --git a/sbin/isakmpd/sa.h b/sbin/isakmpd/sa.h
index 836df87401b..80a4cc1d448 100644
--- a/sbin/isakmpd/sa.h
+++ b/sbin/isakmpd/sa.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: sa.h,v 1.45 2005/04/08 16:37:15 deraadt Exp $ */
+/* $OpenBSD: sa.h,v 1.46 2005/04/08 16:52:41 deraadt Exp $ */
/* $EOM: sa.h,v 1.58 2000/10/10 12:39:01 provos Exp $ */
/*
@@ -203,14 +203,12 @@ struct sa {
struct event *nat_t_keepalive;
-#if defined (USE_DPD)
/* IKE DPD (RFC3706) message sequence number. */
u_int32_t dpd_seq; /* sent */
u_int32_t dpd_rseq; /* recieved */
u_int32_t dpd_failcount; /* # of subsequent failures */
u_int32_t dpd_rdupcount; /* # of subsequent duplicates */
struct event *dpd_event; /* time of next event */
-#endif
};
/* This SA is alive. */