Date: Sun, 20 May 2012 20:25:23 +0000 (UTC) From: "Bjoern A. Zeeb" <bz@FreeBSD.org> To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-9@freebsd.org Subject: svn commit: r235696 - stable/9/lib/libipsec Message-ID: <201205202025.q4KKPNAx014170@svn.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: bz Date: Sun May 20 20:25:22 2012 New Revision: 235696 URL: http://svn.freebsd.org/changeset/base/235696 Log: MFC r231532: MFp4 204292: Ignore the NAT_T extension types so we can at least dump the SADB from the in-base libipsec/setkey without error when NAT_T support is present in the kernel, though not printing the additional information yet. However in case there is no NAT_T support in kernel still consider them to be an error. Modified: stable/9/lib/libipsec/pfkey.c Directory Properties: stable/9/lib/libipsec/ (props changed) Modified: stable/9/lib/libipsec/pfkey.c ============================================================================== --- stable/9/lib/libipsec/pfkey.c Sun May 20 18:25:45 2012 (r235695) +++ stable/9/lib/libipsec/pfkey.c Sun May 20 20:25:22 2012 (r235696) @@ -1778,6 +1778,18 @@ pfkey_align(msg, mhp) case SADB_X_EXT_SA2: mhp[ext->sadb_ext_type] = (caddr_t)ext; break; + case SADB_X_EXT_NAT_T_TYPE: + case SADB_X_EXT_NAT_T_SPORT: + case SADB_X_EXT_NAT_T_DPORT: + /* case SADB_X_EXT_NAT_T_OA: is OAI */ + case SADB_X_EXT_NAT_T_OAI: + case SADB_X_EXT_NAT_T_OAR: + case SADB_X_EXT_NAT_T_FRAG: + if (feature_present("ipsec_natt")) { + mhp[ext->sadb_ext_type] = (caddr_t)ext; + break; + } + /* FALLTHROUGH */ default: __ipsec_errcode = EIPSEC_INVAL_EXTTYPE; return -1;
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201205202025.q4KKPNAx014170>