[src/trunk]: src/crypto/dist/ipsec-tools/src/racoon Don't wipe out IKE ports ...

[manu <manu%NetBSD.org@localhost>]

details:   https://anonhg.NetBSD.org/src/rev/fc0d45104154
branches:  trunk
changeset: 582962:fc0d45104154
user:      manu <manu%NetBSD.org@localhost>
date:      Tue Jul 12 16:24:29 2005 +0000

description:
Don't wipe out IKE ports for SA update as it breaks things: the SA is taken
from an existing SA and already has matching IKE ports.

diffstat:

 crypto/dist/ipsec-tools/src/racoon/pfkey.c |  10 +---------
 1 files changed, 1 insertions(+), 9 deletions(-)

diffs (31 lines):

diff -r 0967afd8f938 -r fc0d45104154 crypto/dist/ipsec-tools/src/racoon/pfkey.c
--- a/crypto/dist/ipsec-tools/src/racoon/pfkey.c        Tue Jul 12 15:06:17 2005 +0000
+++ b/crypto/dist/ipsec-tools/src/racoon/pfkey.c        Tue Jul 12 16:24:29 2005 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: pfkey.c,v 1.5 2005/07/12 14:14:46 manu Exp $   */
+/*     $NetBSD: pfkey.c,v 1.6 2005/07/12 16:24:29 manu Exp $   */
 
 /* Id: pfkey.c,v 1.31.2.1 2005/02/18 10:01:40 vanhu Exp */
 
@@ -1061,10 +1061,6 @@
                        natt.frag = iph2->ph1->rmconf->esp_frag;
                } else {
                        memset (&natt, 0, sizeof (natt));
-
-                       /* Remove port information, that SA doesn't use it */
-                       set_port(src, 0);
-                       set_port(dst, 0);
                }
 
                if (pfkey_send_update_nat(
@@ -1088,10 +1084,6 @@
                        return -1;
                }
 #else
-               /* Remove port information, it is not used without NAT-T */
-               set_port(src, 0);
-               set_port(dst, 0);
-
                plog(LLV_DEBUG, LOCATION, NULL, "call pfkey_send_update\n");
                if (pfkey_send_update(
                                lcconf->sock_pfkey,