racoon2-opensolaris Cdiff iked/ike

Print this page

Current snapshot of OpenSolaris port.
Checkpoint
Checkpoint
Merge from parent.
Merge with WIDE update.
Pull from WIDE.
Pull from WIDE.
Checkpoint
Re-update.
blah
WIDE update
Update from WIDE.


*** 3264,3273 ****
--- 3264,3274 ----
                  IKEV2PROPOSAL_AH,
                  IKEV2PROPOSAL_ESP
          };
          const int BITS = 8;
  
+         (void) memset(&param, 0, sizeof (param));
          /*
           * param fields assigned here:
           * seq, samode, (reqid,) ul_proto,
           * spi, satype, enctype, enckey, enckeylen, authtype, authkey, authkeylen,
           *
*** 4280,4293 ****
--- 4281,4306 ----
          switch (config_ipaddr->type) {
          case RCT_ADDR_INET:
                  memcpy(ss, config_ipaddr->a.ipaddr,
                         SOCKADDR_LEN(config_ipaddr->a.ipaddr));
                  addr = (struct sockaddr *)ss;
+ #ifdef sun
+                 /*
+                  * XXX KEBE SAYS we need the port from the "policy".  This, of
+                  * course, goes to hell when we introduce tunnel- mode into
+                  * the mix, and config_ipaddr is != actual_addr.  The IKEv1
+                  * callers of this are restricted to ikev1/pfkey.c, and the
+                  * IKEv2 callers are restricted to ikev2_child.c.  Hopefully
+                  * those callers can account for tunnel-mode or
+                  * transport-mode.  :)
+                  */
+ #else
                  if (!set_port(addr, extract_port(actual_addr))) {
                          plog(PLOG_INTERR, PLOGLOC, 0, "set_port failed\n");
                          return NULL;
                  }
+ #endif
                  break;
  
          case RCT_ADDR_MACRO:
                  if (rcs_is_addr_rw(config_ipaddr))
                          return actual_addr;
*** 4307,4322 ****
  
                  memcpy(ss, addrlist->a.ipaddr,
                         SOCKADDR_LEN(addrlist->a.ipaddr));
                  rcs_free_addrlist(addrlist);
                  addr = (struct sockaddr *)ss;
                  if (!set_port(addr, extract_port(actual_addr))) {
                          plog(PLOG_INTERR, PLOGLOC, 0, "set_port failed\n");
                          return NULL;
                  }
                  break;
- 
          default:
                  plog(PLOG_INTERR, PLOGLOC, 0,
                       "my_sa_ipaddr or peers_sa_ipaddr is "
                       "unsupported address type (type %s)\n",
                       rct2str(config_ipaddr->type));
--- 4320,4346 ----
  
                  memcpy(ss, addrlist->a.ipaddr,
                         SOCKADDR_LEN(addrlist->a.ipaddr));
                  rcs_free_addrlist(addrlist);
                  addr = (struct sockaddr *)ss;
+ #ifdef sun
+                 /*
+                  * XXX KEBE SAYS we need the port from the "policy".  This, of
+                  * course, goes to hell when we introduce tunnel- mode into
+                  * the mix, and config_ipaddr is != actual_addr.  The IKEv1
+                  * callers of this are restricted to ikev1/pfkey.c, and the
+                  * IKEv2 callers are restricted to ikev2_child.c.  Hopefully
+                  * those callers can account for tunnel-mode or
+                  * transport-mode.  :)
+                  */
+ #else
                  if (!set_port(addr, extract_port(actual_addr))) {
                          plog(PLOG_INTERR, PLOGLOC, 0, "set_port failed\n");
                          return NULL;
                  }
+ #endif
                  break;
          default:
                  plog(PLOG_INTERR, PLOGLOC, 0,
                       "my_sa_ipaddr or peers_sa_ipaddr is "
                       "unsupported address type (type %s)\n",
                       rct2str(config_ipaddr->type));