diff options
-rw-r--r-- | lib/libipsec/pfkey_dump.c | 16 | ||||
-rw-r--r-- | sbin/setkey/scriptdump.pl | 4 | ||||
-rw-r--r-- | sys/net/pfkeyv2.h | 4 | ||||
-rw-r--r-- | sys/netkey/key.c | 15 | ||||
-rw-r--r-- | sys/netkey/key_debug.c | 8 | ||||
-rw-r--r-- | usr.sbin/setkey/scriptdump.pl | 4 |
6 files changed, 28 insertions, 23 deletions
diff --git a/lib/libipsec/pfkey_dump.c b/lib/libipsec/pfkey_dump.c index 6c74bcd..b673475 100644 --- a/lib/libipsec/pfkey_dump.c +++ b/lib/libipsec/pfkey_dump.c @@ -1,5 +1,5 @@ /* $FreeBSD$ */ -/* $KAME: pfkey_dump.c,v 1.27 2001/03/12 09:03:38 itojun Exp $ */ +/* $KAME: pfkey_dump.c,v 1.28 2001/06/27 10:46:51 sakane Exp $ */ /* * Copyright (C) 1995, 1996, 1997, 1998, and 1999 WIDE Project. @@ -300,17 +300,15 @@ pfkey_sadump(m) } /* replay windoe size & flags */ - printf("\treplay=%u flags=0x%08x ", + printf("\tseq=0x%08x replay=%u flags=0x%08x ", + m_sa2->sadb_x_sa2_sequence, m_sa->sadb_sa_replay, m_sa->sadb_sa_flags); /* state */ printf("state="); GETMSGSTR(str_state, m_sa->sadb_sa_state); - - printf("seq=%lu pid=%lu\n", - (u_long)m->sadb_msg_seq, - (u_long)m->sadb_msg_pid); + printf("\n"); /* lifetime */ if (m_lftc != NULL) { @@ -354,8 +352,12 @@ pfkey_sadump(m) 0 : m_lfts->sadb_lifetime_allocations)); } + printf("\tsadb_seq=%lu pid=%lu ", + (u_long)m->sadb_msg_seq, + (u_long)m->sadb_msg_pid); + /* XXX DEBUG */ - printf("\trefcnt=%u\n", m->sadb_msg_reserved); + printf("refcnt=%u\n", m->sadb_msg_reserved); return; } diff --git a/sbin/setkey/scriptdump.pl b/sbin/setkey/scriptdump.pl index 33907dc..a1d8adb 100644 --- a/sbin/setkey/scriptdump.pl +++ b/sbin/setkey/scriptdump.pl @@ -32,9 +32,9 @@ foreach $_ (<IN>) { $akey = $2; $akey =~ s/\s//g; $akey =~ s/^/0x/g; - } elsif (/^\treplay=(\d+) flags=(0x\d+) state=/) { + } elsif (/^\tseq=(0x\d+) replay=(\d+) flags=(0x\d+) state=/) { print "$mode $src $dst $proto $spi"; - $replay = $1; + $replay = $2; print " -u $reqid" if $reqid; if ($mode eq 'add') { print " -m $ipsecmode -r $replay" if $replay; diff --git a/sys/net/pfkeyv2.h b/sys/net/pfkeyv2.h index f1c22ad..1c1952c 100644 --- a/sys/net/pfkeyv2.h +++ b/sys/net/pfkeyv2.h @@ -1,5 +1,5 @@ /* $FreeBSD$ */ -/* $KAME: pfkeyv2.h,v 1.25 2001/03/12 08:34:06 itojun Exp $ */ +/* $KAME: pfkeyv2.h,v 1.26 2001/06/27 10:49:49 sakane Exp $ */ /* * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. @@ -213,7 +213,7 @@ struct sadb_x_sa2 { u_int8_t sadb_x_sa2_mode; u_int8_t sadb_x_sa2_reserved1; u_int16_t sadb_x_sa2_reserved2; - u_int32_t sadb_x_sa2_reserved3; + u_int32_t sadb_x_sa2_sequence; u_int32_t sadb_x_sa2_reqid; }; diff --git a/sys/netkey/key.c b/sys/netkey/key.c index 17c3055..c3d8954 100644 --- a/sys/netkey/key.c +++ b/sys/netkey/key.c @@ -1,5 +1,5 @@ /* $FreeBSD$ */ -/* $KAME: key.c,v 1.190 2001/06/04 22:35:10 itojun Exp $ */ +/* $KAME: key.c,v 1.191 2001/06/27 10:46:49 sakane Exp $ */ /* * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. @@ -404,7 +404,7 @@ static struct mbuf *key_setsadbaddr __P((u_int16_t, static struct mbuf *key_setsadbident __P((u_int16_t, u_int16_t, caddr_t, int, u_int64_t)); #endif -static struct mbuf *key_setsadbxsa2(u_int8_t, u_int32_t); +static struct mbuf *key_setsadbxsa2 __P((u_int8_t, u_int32_t, u_int32_t)); static struct mbuf *key_setsadbxpolicy __P((u_int16_t, u_int8_t, u_int32_t)); static void *key_newbuf __P((const void *, u_int)); @@ -3421,6 +3421,7 @@ key_setdumpsa(sav, type, satype, seq, pid) case SADB_X_EXT_SA2: m = key_setsadbxsa2(sav->sah->saidx.mode, + sav->replay ? sav->replay->count : 0, sav->sah->saidx.reqid); if (!m) goto fail; @@ -3693,9 +3694,9 @@ key_setsadbident(exttype, idtype, string, stringlen, id) * set data into sadb_x_sa2. */ static struct mbuf * -key_setsadbxsa2(mode, reqid) +key_setsadbxsa2(mode, seq, reqid) u_int8_t mode; - u_int32_t reqid; + u_int32_t seq, reqid; { struct mbuf *m; struct sadb_x_sa2 *p; @@ -3717,7 +3718,7 @@ key_setsadbxsa2(mode, reqid) p->sadb_x_sa2_mode = mode; p->sadb_x_sa2_reserved1 = 0; p->sadb_x_sa2_reserved2 = 0; - p->sadb_x_sa2_reserved3 = 0; + p->sadb_x_sa2_sequence = seq; p->sadb_x_sa2_reqid = reqid; return m; @@ -6528,7 +6529,9 @@ key_expire(sav) m_cat(result, m); /* create SA extension */ - m = key_setsadbxsa2(sav->sah->saidx.mode, sav->sah->saidx.reqid); + m = key_setsadbxsa2(sav->sah->saidx.mode, + sav->replay ? sav->replay->count : 0, + sav->sah->saidx.reqid); if (!m) { error = ENOBUFS; goto fail; diff --git a/sys/netkey/key_debug.c b/sys/netkey/key_debug.c index 76a59f3..52a1b8d 100644 --- a/sys/netkey/key_debug.c +++ b/sys/netkey/key_debug.c @@ -1,5 +1,5 @@ /* $FreeBSD$ */ -/* $KAME: key_debug.c,v 1.25 2000/07/24 13:23:12 itojun Exp $ */ +/* $KAME: key_debug.c,v 1.26 2001/06/27 10:46:50 sakane Exp $ */ /* * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. @@ -388,9 +388,9 @@ kdebug_sadb_x_sa2(ext) printf("sadb_x_sa2{ mode=%u reqid=%u\n", sa2->sadb_x_sa2_mode, sa2->sadb_x_sa2_reqid); - printf(" reserved1=%u reserved2=%u reserved3=%u }\n", - sa2->sadb_x_sa2_reserved1, sa2->sadb_x_sa2_reserved1, - sa2->sadb_x_sa2_reserved1); + printf(" reserved1=%u reserved2=%u sequence=%u }\n", + sa2->sadb_x_sa2_reserved1, sa2->sadb_x_sa2_reserved2, + sa2->sadb_x_sa2_sequence); return; } diff --git a/usr.sbin/setkey/scriptdump.pl b/usr.sbin/setkey/scriptdump.pl index 33907dc..a1d8adb 100644 --- a/usr.sbin/setkey/scriptdump.pl +++ b/usr.sbin/setkey/scriptdump.pl @@ -32,9 +32,9 @@ foreach $_ (<IN>) { $akey = $2; $akey =~ s/\s//g; $akey =~ s/^/0x/g; - } elsif (/^\treplay=(\d+) flags=(0x\d+) state=/) { + } elsif (/^\tseq=(0x\d+) replay=(\d+) flags=(0x\d+) state=/) { print "$mode $src $dst $proto $spi"; - $replay = $1; + $replay = $2; print " -u $reqid" if $reqid; if ($mode eq 'add') { print " -m $ipsecmode -r $replay" if $replay; |