Subject: Re: bin/29915 Can't setkey for tcp-md5 anymore
To: None <gnats-admin@netbsd.org, netbsd-bugs@netbsd.org>
From: Peter Eisch <peter@boku.net>
List: netbsd-bugs
Date: 04/09/2005 04:51:01
The following reply was made to PR bin/29915; it has been noted by GNATS.

From: Peter Eisch <peter@boku.net>
To: Emmanuel Dreyfus <manu@netbsd.org>, <gnats-bugs@netbsd.org>
Cc: 
Subject: Re: bin/29915 Can't setkey for tcp-md5 anymore
Date: Fri, 08 Apr 2005 23:51:07 -0500

 Over in libipsec I made a change which may or may not have helped things.  I
 did  also reload my config and my network layout a little and things seemed
 to start working.
 
 I'm going to clean my systems of my debugging messes and verify with a real
 load.  Again, I'll bet the array str_satype isn't right, but the auth array
 probably needs that value.
 
 peter
 
 --- pfkey_dump.c.orig   2005-03-10 07:12:21.000000000 -0600
 +++ pfkey_dump.c        2005-04-08 22:43:54.000000000 -0500
 @@ -130,6 +130,9 @@ static char *str_satype[] = {
         "ripv2",
         "mip",
         "ipcomp",
 +       "undef",
 +       "undef",
 +       "tcp",
  };
  
  static char *str_mode[] = {
 @@ -167,6 +170,9 @@ static struct val2str str_alg_auth[] = {
  #ifdef SADB_X_AALG_AES_XCBC_MAC
         { SADB_X_AALG_AES_XCBC_MAC, "aes-xcbc-mac", },
  #endif
 +#ifdef SADB_X_AALG_TCP_MD5
 +       { SADB_X_AALG_TCP_MD5, "tcp-md5", },
 +#endif
         { -1, NULL, },
  };