Subject: Re: bin/29915 Can't setkey for tcp-md5 anymore
To: None <gnats-admin@netbsd.org, netbsd-bugs@netbsd.org>
From: Peter Eisch <peter@boku.net>
List: netbsd-bugs
Date: 04/09/2005 04:51:01
The following reply was made to PR bin/29915; it has been noted by GNATS.
From: Peter Eisch <peter@boku.net>
To: Emmanuel Dreyfus <manu@netbsd.org>, <gnats-bugs@netbsd.org>
Cc:
Subject: Re: bin/29915 Can't setkey for tcp-md5 anymore
Date: Fri, 08 Apr 2005 23:51:07 -0500
Over in libipsec I made a change which may or may not have helped things. I
did also reload my config and my network layout a little and things seemed
to start working.
I'm going to clean my systems of my debugging messes and verify with a real
load. Again, I'll bet the array str_satype isn't right, but the auth array
probably needs that value.
peter
--- pfkey_dump.c.orig 2005-03-10 07:12:21.000000000 -0600
+++ pfkey_dump.c 2005-04-08 22:43:54.000000000 -0500
@@ -130,6 +130,9 @@ static char *str_satype[] = {
"ripv2",
"mip",
"ipcomp",
+ "undef",
+ "undef",
+ "tcp",
};
static char *str_mode[] = {
@@ -167,6 +170,9 @@ static struct val2str str_alg_auth[] = {
#ifdef SADB_X_AALG_AES_XCBC_MAC
{ SADB_X_AALG_AES_XCBC_MAC, "aes-xcbc-mac", },
#endif
+#ifdef SADB_X_AALG_TCP_MD5
+ { SADB_X_AALG_TCP_MD5, "tcp-md5", },
+#endif
{ -1, NULL, },
};