diff options
author | bms <bms@FreeBSD.org> | 2004-02-11 04:34:34 +0000 |
---|---|---|
committer | bms <bms@FreeBSD.org> | 2004-02-11 04:34:34 +0000 |
commit | 9ce9891eda27e795842235191242d30adbed875f (patch) | |
tree | a0a78792b610ea5a9a0f7dfb08f47c3816efb276 /lib/libipsec/pfkey_dump.c | |
parent | 903cdeea1a6d0c99fecc1d8aeeab65bdfbab46d7 (diff) | |
download | FreeBSD-src-9ce9891eda27e795842235191242d30adbed875f.zip FreeBSD-src-9ce9891eda27e795842235191242d30adbed875f.tar.gz |
Initial import of RFC 2385 (TCP-MD5) digest support.
This is the second of two commits; bring in the userland support to finish.
Teach libipsec and setkey about the tcp-md5 class of security associations,
thus allowing administrators to add per-host keys to the SADB for use by
the tcpsignature_compute() function.
Document that a single SPI must be used until such time as the code which
adds support to the SPD to specify flows for tcp-md5 treatment is suitable
for production.
Sponsored by: sentex.net
Diffstat (limited to 'lib/libipsec/pfkey_dump.c')
-rw-r--r-- | lib/libipsec/pfkey_dump.c | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/lib/libipsec/pfkey_dump.c b/lib/libipsec/pfkey_dump.c index 393f74e..d8d4676 100644 --- a/lib/libipsec/pfkey_dump.c +++ b/lib/libipsec/pfkey_dump.c @@ -126,6 +126,8 @@ static char *str_satype[] = { "ripv2", "mip", "ipcomp", + "policy", + "tcp" }; static char *str_mode[] = { @@ -148,6 +150,7 @@ static struct val2str str_alg_auth[] = { { SADB_X_AALG_MD5, "md5", }, { SADB_X_AALG_SHA, "sha", }, { SADB_X_AALG_NULL, "null", }, + { SADB_X_AALG_TCP_MD5, "tcp-md5", }, #ifdef SADB_X_AALG_SHA2_256 { SADB_X_AALG_SHA2_256, "hmac-sha2-256", }, #endif |