Uses remoteid/ph1id values

vanhu 2006-10-03 08:02:51 +00:00
parent 80d5a8a518
commit dd3c365568
4 changed files with 38 additions and 10 deletions


@ -1,4 +1,4 @@
/* $NetBSD: handler.c,v 1.8 2006/09/09 16:22:09 manu Exp $ */
/* $NetBSD: handler.c,v 1.9 2006/10/03 08:02:51 vanhu Exp $ */
/* Id: handler.c,v 1.28 2006/05/26 12:17:29 manubsd Exp */
@ -1047,7 +1047,8 @@ static int revalidate_ph2(struct ph2handle *iph2){
*/
if (iph2->sainfo != NULL) {
iph2->sainfo = getsainfo(iph2->sainfo->idsrc,
iph2->sainfo->iddst, iph2->sainfo->id_i);
iph2->sainfo->iddst, iph2->sainfo->id_i,
iph2->sainfo->remoteid);
}
approval = iph2->approval;
sainfo = iph2->sainfo;
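Review bot: In revalidate_ph2 the new fourth argument is `iph2->sainfo->remoteid`, the value stored on the sainfo entry being revalidated, whereas the other call sites touched by this commit derive it from the peer's remoteconf (`conf->ph1id`). If revalidation runs after a configuration reload, as the function name suggests, a peer whose ph1id changed would still be matched against the old value. Confirm that this is intended and record it in a comment above the call, for example `/* keep the remoteid the SA was negotiated under; rmconf is not re-read here */`. The function begins and ends outside the hunk.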


@ -1,4 +1,4 @@
/* $NetBSD: isakmp_quick.c,v 1.9 2006/09/09 16:22:09 manu Exp $ */
/* $NetBSD: isakmp_quick.c,v 1.10 2006/10/03 08:02:51 vanhu Exp $ */
/* Id: isakmp_quick.c,v 1.29 2006/08/22 18:17:17 manubsd Exp */
@ -1806,6 +1806,7 @@ get_sainfo_r(iph2)
vchar_t *idsrc = NULL, *iddst = NULL;
int prefixlen;
int error = ISAKMP_INTERNAL_ERROR;
int remoteid = 0;
if (iph2->id == NULL) {
switch (iph2->src->sa_family) {
@ -1855,7 +1856,19 @@ get_sainfo_r(iph2)
goto end;
}
iph2->sainfo = getsainfo(idsrc, iddst, iph2->ph1->id_p);
{
struct remoteconf *conf;
conf = getrmconf(iph2->dst);
if (conf != NULL)
remoteid=conf->ph1id;
else{
plog(LLV_DEBUG, LOCATION, NULL, "Warning: no valid rmconf !\n");
remoteid=0;
}
}
iph2->sainfo = getsainfo(idsrc, iddst, iph2->ph1->id_p, remoteid);
if (iph2->sainfo == NULL) {
plog(LLV_ERROR, LOCATION, NULL,
"failed to get sainfo.\n");
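Review bot: The responder path in get_sainfo_r resolves the remote configuration a second time with `getrmconf(iph2->dst)`, an address-based lookup, although the phase 1 handle is already in hand (`iph2->ph1->id_p` is passed on the same call). If that lookup can return a different remote block than the one the peer authenticated under, the sainfo is selected with the wrong ph1id; taking the value from the phase 1 handle's own remoteconf (in racoon, `iph2->ph1->rmconf->ph1id`, assuming it is set at this point) would tie the selection to the authenticated exchange. When no rmconf is found the code falls back to `remoteid=0` and reports it only at LLV_DEBUG; if 0 is also what sainfo sections without a remoteid carry, the fallback silently widens the match, so log it at `LLV_WARNING` at least. The same block is duplicated in pk_recvacquire in pfkey.c, where the fallback concern applies as well. get_sainfo_r starts and ends outside the hunks shown.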


@ -1,6 +1,6 @@
/* $NetBSD: pfkey.c,v 1.14 2006/10/02 07:17:57 manu Exp $ */
/* $NetBSD: pfkey.c,v 1.15 2006/10/03 08:02:51 vanhu Exp $ */
/* $Id: pfkey.c,v 1.14 2006/10/02 07:17:57 manu Exp $ */
/* $Id: pfkey.c,v 1.15 2006/10/03 08:02:51 vanhu Exp $ */
/*
* Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
@ -1671,6 +1671,7 @@ pk_recvacquire(mhp)
struct ph2handle *iph2[MAXNESTEDSA];
struct sockaddr *src, *dst;
int n; /* # of phase 2 handler */
int remoteid=0;
/* ignore this message because of local test mode. */
if (f_local)
@ -1853,7 +1854,17 @@ pk_recvacquire(mhp)
delph2(iph2[n]);
return -1;
}
iph2[n]->sainfo = getsainfo(idsrc, iddst, NULL);
{
struct remoteconf *conf;
conf = getrmconf(iph2[n]->dst);
if (conf != NULL)
remoteid=conf->ph1id;
else{
plog(LLV_DEBUG, LOCATION, NULL, "Warning: no valid rmconf !\n");
remoteid=0;
}
}
iph2[n]->sainfo = getsainfo(idsrc, iddst, NULL, remoteid);
vfree(idsrc);
vfree(iddst);
if (iph2[n]->sainfo == NULL) {


@ -1,4 +1,4 @@
/* $NetBSD: sainfo.c,v 1.4 2006/09/09 16:22:10 manu Exp $ */
/* $NetBSD: sainfo.c,v 1.5 2006/10/03 08:02:51 vanhu Exp $ */
/* $KAME: sainfo.c,v 1.16 2003/06/27 07:32:39 sakane Exp $ */
@ -81,8 +81,9 @@ static LIST_HEAD(_sitree, sainfo) sitree, sitree_save, sitree_tmp;
* First pass is for sainfo from a specified peer, second for others.
*/
struct sainfo *
getsainfo(src, dst, peer)
getsainfo(src, dst, peer, remoteid)
const vchar_t *src, *dst, *peer;
int remoteid;
{
struct sainfo *s = NULL;
struct sainfo *anonymous = NULL;
@ -124,11 +125,13 @@ getsainfo(src, dst, peer)
"getsainfo pass #%i\n", pass);
LIST_FOREACH(s, &sitree, chain) {
const char *sainfostr = sainfo2str(s);
plog(LLV_DEBUG, LOCATION, NULL,
"evaluating sainfo: %s\n", sainfostr);
if(s->remoteid != remoteid)
continue;
if (s->id_i != NULL) {
if (pass == 2)
continue;