diff options
author | bms <bms@FreeBSD.org> | 2004-02-11 04:34:34 +0000 |
---|---|---|
committer | bms <bms@FreeBSD.org> | 2004-02-11 04:34:34 +0000 |
commit | 9ce9891eda27e795842235191242d30adbed875f (patch) | |
tree | a0a78792b610ea5a9a0f7dfb08f47c3816efb276 /lib/libipsec/policy_token.l | |
parent | 903cdeea1a6d0c99fecc1d8aeeab65bdfbab46d7 (diff) | |
download | FreeBSD-src-9ce9891eda27e795842235191242d30adbed875f.zip FreeBSD-src-9ce9891eda27e795842235191242d30adbed875f.tar.gz |
Initial import of RFC 2385 (TCP-MD5) digest support.
This is the second of two commits; bring in the userland support to finish.
Teach libipsec and setkey about the tcp-md5 class of security associations,
thus allowing administrators to add per-host keys to the SADB for use by
the tcpsignature_compute() function.
Document that a single SPI must be used until such time as the code which
adds support to the SPD to specify flows for tcp-md5 treatment is suitable
for production.
Sponsored by: sentex.net
Diffstat (limited to 'lib/libipsec/policy_token.l')
-rw-r--r-- | lib/libipsec/policy_token.l | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/lib/libipsec/policy_token.l b/lib/libipsec/policy_token.l index ced57b3..f957569 100644 --- a/lib/libipsec/policy_token.l +++ b/lib/libipsec/policy_token.l @@ -97,6 +97,7 @@ entrust { yylval.num = IPSEC_POLICY_ENTRUST; return(ACTION); } esp { yylval.num = IPPROTO_ESP; return(PROTOCOL); } ah { yylval.num = IPPROTO_AH; return(PROTOCOL); } ipcomp { yylval.num = IPPROTO_IPCOMP; return(PROTOCOL); } +tcp { yylval.num = IPPROTO_TCP; return(PROTOCOL); } transport { yylval.num = IPSEC_MODE_TRANSPORT; return(MODE); } tunnel { yylval.num = IPSEC_MODE_TUNNEL; return(MODE); } |