summaryrefslogtreecommitdiff
path: root/sbin/isakmpd
diff options
context:
space:
mode:
Diffstat (limited to 'sbin/isakmpd')
-rw-r--r--sbin/isakmpd/ipsec.c8
-rw-r--r--sbin/isakmpd/pf_key_v2.c5
-rw-r--r--sbin/isakmpd/policy.c5
-rw-r--r--sbin/isakmpd/sa.c10
4 files changed, 18 insertions, 10 deletions
diff --git a/sbin/isakmpd/ipsec.c b/sbin/isakmpd/ipsec.c
index 372d69a8181..82bad92a94f 100644
--- a/sbin/isakmpd/ipsec.c
+++ b/sbin/isakmpd/ipsec.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ipsec.c,v 1.72 2002/11/21 12:09:20 ho Exp $ */
+/* $OpenBSD: ipsec.c,v 1.73 2003/05/12 21:43:21 ho Exp $ */
/* $EOM: ipsec.c,v 1.143 2000/12/11 23:57:42 niklas Exp $ */
/*
@@ -891,7 +891,8 @@ ipsec_validate_transform_id (u_int8_t proto, u_int8_t transform_id)
transform_id < IPSEC_AH_MD5 || transform_id > IPSEC_AH_DES ? -1 : 0;
case IPSEC_PROTO_IPSEC_ESP:
return transform_id < IPSEC_ESP_DES_IV64
- || (transform_id > IPSEC_ESP_AES && transform_id < IPSEC_ESP_AES_MARS)
+ || (transform_id > IPSEC_ESP_AES_128_CTR
+ && transform_id < IPSEC_ESP_AES_MARS)
|| transform_id > IPSEC_ESP_AES_TWOFISH ? -1 : 0;
case IPSEC_PROTO_IPCOMP:
return transform_id < IPSEC_IPCOMP_OUI
@@ -1702,7 +1703,8 @@ ipsec_esp_enckeylength (struct proto *proto)
if (!iproto->keylen)
return 16;
return iproto->keylen / 8;
- case IPSEC_ESP_AES:
+ case IPSEC_ESP_AES_128_CBC:
+ case IPSEC_ESP_AES_128_CTR:
if (!iproto->keylen)
return 16;
/* Fallthrough */
diff --git a/sbin/isakmpd/pf_key_v2.c b/sbin/isakmpd/pf_key_v2.c
index cf84e447df6..832902990ef 100644
--- a/sbin/isakmpd/pf_key_v2.c
+++ b/sbin/isakmpd/pf_key_v2.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: pf_key_v2.c,v 1.125 2003/05/11 02:16:54 markus Exp $ */
+/* $OpenBSD: pf_key_v2.c,v 1.126 2003/05/12 21:43:21 ho Exp $ */
/* $EOM: pf_key_v2.c,v 1.79 2000/12/12 00:33:19 niklas Exp $ */
/*
@@ -911,7 +911,8 @@ pf_key_v2_set_spi (struct sa *sa, struct proto *proto, int incoming,
break;
#ifdef SADB_X_EALG_AES
- case IPSEC_ESP_AES:
+ case IPSEC_ESP_AES_128_CBC:
+ /* case IPSEC_ESP_AES_128_CTR: */
ssa.sadb_sa_encrypt = SADB_X_EALG_AES;
break;
#endif
diff --git a/sbin/isakmpd/policy.c b/sbin/isakmpd/policy.c
index d8dcae5cc7d..47e6a141a09 100644
--- a/sbin/isakmpd/policy.c
+++ b/sbin/isakmpd/policy.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: policy.c,v 1.57 2002/11/14 16:38:05 ho Exp $ */
+/* $OpenBSD: policy.c,v 1.58 2003/05/12 21:43:22 ho Exp $ */
/* $EOM: policy.c,v 1.49 2000/10/24 13:33:39 niklas Exp $ */
/*
@@ -293,7 +293,8 @@ policy_callback (char *name)
esp_enc_alg = "3des";
break;
- case IPSEC_ESP_AES:
+ case IPSEC_ESP_AES_128_CBC:
+ case IPSEC_ESP_AES_128_CTR:
esp_enc_alg = "aes";
break;
diff --git a/sbin/isakmpd/sa.c b/sbin/isakmpd/sa.c
index 90101de08ff..c022cb5b1bc 100644
--- a/sbin/isakmpd/sa.c
+++ b/sbin/isakmpd/sa.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sa.c,v 1.65 2002/11/21 12:09:20 ho Exp $ */
+/* $OpenBSD: sa.c,v 1.66 2003/05/12 21:43:22 ho Exp $ */
/* $EOM: sa.c,v 1.112 2000/12/12 00:22:52 niklas Exp $ */
/*
@@ -535,8 +535,12 @@ report_proto (FILE *fd, struct proto *proto)
fprintf (fd, "3DES\n");
break;
- case IPSEC_ESP_AES:
- fprintf (fd, "Rijndael-128/AES\n");
+ case IPSEC_ESP_AES_128_CBC:
+ fprintf (fd, "AES-128 (CBC)\n");
+ break;
+
+ case IPSEC_ESP_AES_128_CTR:
+ fprintf (fd, "AES-128 (CTR)\n");
break;
case IPSEC_ESP_CAST: