Initial import of RFC 2385 (TCP-MD5) digest support.

This is the second of two commits; bring in the userland support to finish. Teach libipsec and setkey about the tcp-md5 class of security associations, thus allowing administrators to add per-host keys to the SADB for use by the tcpsignature_compute() function. Document that a single SPI must be used until such time as the code which adds support to the SPD to specify flows for tcp-md5 treatment is suitable for production. Sponsored by: sentex.net
author: bms <bms@FreeBSD.org> 2004-02-11 04:34:34 +0000
committer: bms <bms@FreeBSD.org> 2004-02-11 04:34:34 +0000
commit: 9ce9891eda27e795842235191242d30adbed875f (patch)
tree: a0a78792b610ea5a9a0f7dfb08f47c3816efb276 /lib/libipsec/pfkey_dump.c
parent: 903cdeea1a6d0c99fecc1d8aeeab65bdfbab46d7 (diff)
download: FreeBSD-src-9ce9891eda27e795842235191242d30adbed875f.zip
FreeBSD-src-9ce9891eda27e795842235191242d30adbed875f.tar.gz
1 files changed, 3 insertions, 0 deletions
diff --git a/lib/libipsec/pfkey_dump.c b/lib/libipsec/pfkey_dump.c
index 393f74e..d8d4676 100644
--- a/lib/libipsec/pfkey_dump.c
+++ b/lib/libipsec/pfkey_dump.c
@@ -126,6 +126,8 @@ static char *str_satype[] = {
 	"ripv2",
 	"mip",
 	"ipcomp",
+	"policy",
+	"tcp"
 };
 
 static char *str_mode[] = {
@@ -148,6 +150,7 @@ static struct val2str str_alg_auth[] = {
 	{ SADB_X_AALG_MD5, "md5", },
 	{ SADB_X_AALG_SHA, "sha", },
 	{ SADB_X_AALG_NULL, "null", },
+	{ SADB_X_AALG_TCP_MD5, "tcp-md5", },
 #ifdef SADB_X_AALG_SHA2_256
 	{ SADB_X_AALG_SHA2_256, "hmac-sha2-256", },
 #endif
author	bms <bms@FreeBSD.org>	2004-02-11 04:34:34 +0000
committer	bms <bms@FreeBSD.org>	2004-02-11 04:34:34 +0000
commit	9ce9891eda27e795842235191242d30adbed875f (patch)
tree	a0a78792b610ea5a9a0f7dfb08f47c3816efb276 /lib/libipsec/pfkey_dump.c
parent	903cdeea1a6d0c99fecc1d8aeeab65bdfbab46d7 (diff)
download	FreeBSD-src-9ce9891eda27e795842235191242d30adbed875f.zip FreeBSD-src-9ce9891eda27e795842235191242d30adbed875f.tar.gz