Date: Thu, 13 May 2004 15:56:13 +0100 From: Bruce M Simpson <bms@spc.org> To: "Bjoern A. Zeeb" <bzeeb-lists@lists.zabbadoz.net> Cc: ume@FreeBSD.org Subject: Re: IPSEC ESP NULL no longer works in -CURRENT Message-ID: <20040513145613.GC2957@empiric.dek.spc.org> In-Reply-To: <Pine.BSF.4.53.0405131311550.5710@e0-0.zab2.int.zabbadoz.net> References: <20040513122552.GD1678@empiric.dek.spc.org> <Pine.BSF.4.53.0405131311550.5710@e0-0.zab2.int.zabbadoz.net>
next in thread | previous in thread | raw e-mail | index | archive | help
--OXfL5xGRrasGEqWY Content-Type: text/plain; charset=us-ascii Content-Disposition: inline On Thu, May 13, 2004 at 01:13:02PM +0000, Bjoern A. Zeeb wrote: > setkey is broken imho; check the racoon mailing list archive of > March/April; a fix had been posted there. Thank you. I generated a patch against HEAD from the patch which was posted to the racoon list here: http://www.kame.net/racoon/racoon-ml/msg00427.html I shall commit this unless there are any objections. Regards, BMS --OXfL5xGRrasGEqWY Content-Type: text/plain; charset=us-ascii Content-Disposition: attachment; filename="setkey.patch" Index: parse.y =================================================================== RCS file: /home/ncvs/src/usr.sbin/setkey/parse.y,v retrieving revision 1.6 diff -u -r1.6 parse.y --- parse.y 31 Mar 2004 18:38:02 -0000 1.6 +++ parse.y 13 May 2004 14:51:01 -0000 @@ -322,7 +322,12 @@ p_alg_enc = $1; p_key_enc_len = 0; - p_key_enc = NULL; + p_key_enc = ""; + if (ipsec_check_keylen(SADB_EXT_SUPPORTED_ENCRYPT, + p_alg_enc, PFKEY_UNUNIT64(p_key_enc_len)) < 0) { + yyerror(ipsec_strerror()); + return -1; + } } | ALG_ENC key_string { if ($1 < 0) { --OXfL5xGRrasGEqWY--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20040513145613.GC2957>