[src/netbsd-3]: src/crypto/dist/ipsec-tools/src/racoon Pull up revision 1.6 (...

[tron <tron%NetBSD.org@localhost>]

details:   https://anonhg.NetBSD.org/src/rev/64eb5d99446d
branches:  netbsd-3
changeset: 576610:64eb5d99446d
user:      tron <tron%NetBSD.org@localhost>
date:      Tue Jul 12 17:39:36 2005 +0000

description:
Pull up revision 1.6 (requested by manu in ticket #582):
Don't wipe out IKE ports for SA update as it breaks things: the SA is taken
from an existing SA and already has matching IKE ports.

diffstat:

 crypto/dist/ipsec-tools/src/racoon/pfkey.c |  10 +---------
 1 files changed, 1 insertions(+), 9 deletions(-)

diffs (31 lines):

diff -r 7e5fd7b08cda -r 64eb5d99446d crypto/dist/ipsec-tools/src/racoon/pfkey.c
--- a/crypto/dist/ipsec-tools/src/racoon/pfkey.c        Tue Jul 12 17:37:48 2005 +0000
+++ b/crypto/dist/ipsec-tools/src/racoon/pfkey.c        Tue Jul 12 17:39:36 2005 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: pfkey.c,v 1.1.1.2.2.4 2005/07/12 17:33:44 tron Exp $   */
+/*     $NetBSD: pfkey.c,v 1.1.1.2.2.5 2005/07/12 17:39:36 tron Exp $   */
 
 /* Id: pfkey.c,v 1.31.2.1 2005/02/18 10:01:40 vanhu Exp */
 
@@ -1061,10 +1061,6 @@
                        natt.frag = iph2->ph1->rmconf->esp_frag;
                } else {
                        memset (&natt, 0, sizeof (natt));
-
-                       /* Remove port information, that SA doesn't use it */
-                       set_port(src, 0);
-                       set_port(dst, 0);
                }
 
                if (pfkey_send_update_nat(
@@ -1088,10 +1084,6 @@
                        return -1;
                }
 #else
-               /* Remove port information, it is not used without NAT-T */
-               set_port(src, 0);
-               set_port(dst, 0);
-
                plog(LLV_DEBUG, LOCATION, NULL, "call pfkey_send_update\n");
                if (pfkey_send_update(
                                lcconf->sock_pfkey,