tech-net: Re: (last) backward incompatible change in ipsec layer

Subject: Re: (last) backward incompatible change in ipsec layer
To: Jun-ichiro itojun Hagino <itojun@iijlab.net>
From: Jason R Thorpe <thorpej@zembu.com>
List: tech-net
Date: 07/16/2000 10:30:33
On Sun, Jul 16, 2000 at 05:47:20PM +0900, Jun-ichiro itojun Hagino wrote:

This is fine.  Best to do it now before we release.

Please commit it to the trunk, and pull it up to netbsd-1-5, and make
an appropriate announcement to netbsd-announce (to warn those who are
using tools that will be affected by the change).

 > 	I need to bring in a backward incompatible change into net/pfkeyv2.h.
 > 	this should be the last backward incompatible change as 1.5 is very
 > 	close.  the change is basically the following header change,
 > 	with *.c changes to sync with those.  without the change, we have
 > 	incomplete PF_KEY API conformance (RFC2367).  sorry for the mess.
 > 
 > itojun
 > 
 > 
 > Index: pfkeyv2.h
 > ===================================================================
 > RCS file: /cvsroot/kame/kame/kame/sys/net/pfkeyv2.h,v
 > retrieving revision 1.17
 > retrieving revision 1.18
 > diff -u -r1.17 -r1.18
 > --- pfkeyv2.h	2000/06/22 08:38:33	1.17
 > +++ pfkeyv2.h	2000/07/15 16:07:47	1.18
 > @@ -1,4 +1,4 @@
 > -/*	$KAME: pfkeyv2.h,v 1.17 2000/06/22 08:38:33 sakane Exp $	*/
 > +/*	$KAME: pfkeyv2.h,v 1.18 2000/07/15 16:07:47 itojun Exp $	*/
 >  
 >  /*
 >   * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
 > @@ -297,22 +297,27 @@
 >  
 >  #define SADB_SAFLAGS_PFS      1
 >  
 > -#define SADB_AALG_NONE          0
 > -#define SADB_AALG_MD5HMAC       1	/* 2 */
 > -#define SADB_AALG_SHA1HMAC      2	/* 3 */
 > -#define SADB_AALG_MD5           3       /* Keyed MD5 */
 > -#define SADB_AALG_SHA           4       /* Keyed SHA */
 > -#define SADB_AALG_NULL          5       /* null authentication */
 > -#define SADB_AALG_MAX           6
 > -
 > -#define SADB_EALG_NONE          0
 > -#define SADB_EALG_DESCBC        1	/* 2 */
 > -#define SADB_EALG_3DESCBC       2	/* 3 */
 > -#define SADB_EALG_NULL          3	/* 11 */
 > -#define SADB_EALG_BLOWFISHCBC   4
 > -#define SADB_EALG_CAST128CBC    5
 > -#define SADB_EALG_RC5CBC        6
 > -#define SADB_EALG_MAX           7
 > +/* RFC2367 numbers - meets RFC2407 */
 > +#define SADB_AALG_NONE		0
 > +#define SADB_AALG_MD5HMAC	2
 > +#define SADB_AALG_SHA1HMAC	3
 > +#define SADB_AALG_MAX		251
 > +/* private allocations should use 249-255 (RFC2407) */
 > +#define SADB_X_AALG_MD5		249	/* Keyed MD5 */
 > +#define SADB_X_AALG_SHA		250	/* Keyed SHA */
 > +#define SADB_X_AALG_NULL	251	/* null authentication */
 > +
 > +/* RFC2367 numbers - meets RFC2407 */
 > +#define SADB_EALG_NONE		0
 > +#define SADB_EALG_DESCBC	2
 > +#define SADB_EALG_3DESCBC	3
 > +#define SADB_EALG_NULL		11
 > +#define SADB_EALG_MAX		11
 > +/* private allocations - based on RFC2407 */
 > +#define SADB_X_EALG_RC5CBC	4
 > +#define SADB_X_EALG_CAST128CBC	6
 > +#define SADB_X_EALG_BLOWFISHCBC 7
 > +/* private allocations should use 249-255 (RFC2407) */
 >  
 >  #if 1	/*nonstandard */
 >  #define SADB_X_CALG_NONE	0
 > 

-- 
        -- Jason R. Thorpe <thorpej@zembu.com>