[src/trunk]: src/sys/netipsec include the SHA2 hashs into the proposal which ...

[drochner <drochner%NetBSD.org@localhost>]

details:   https://anonhg.NetBSD.org/src/rev/6990987bf743
branches:  trunk
changeset: 765079:6990987bf743
user:      drochner <drochner%NetBSD.org@localhost>
date:      Wed May 18 18:56:02 2011 +0000

description:
include the SHA2 hashs into the proposal which goes out with
SADB_ACQUIRE -- this doesn't change much because racoon ignores
the proposal from the kernel anyway and applies its own configuration,
but having MD5 and SHA1 in the list but SHA2 not looks strange

diffstat:

 sys/netipsec/key.c |  10 +++++++---
 1 files changed, 7 insertions(+), 3 deletions(-)

diffs (31 lines):

diff -r a060982694e6 -r 6990987bf743 sys/netipsec/key.c
--- a/sys/netipsec/key.c        Wed May 18 18:41:59 2011 +0000
+++ b/sys/netipsec/key.c        Wed May 18 18:56:02 2011 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: key.c,v 1.69 2011/05/18 18:36:15 drochner Exp $        */
+/*     $NetBSD: key.c,v 1.70 2011/05/18 18:56:02 drochner Exp $        */
 /*     $FreeBSD: src/sys/netipsec/key.c,v 1.3.2.3 2004/02/14 22:23:23 bms Exp $        */
 /*     $KAME: key.c,v 1.191 2001/06/27 10:46:49 sakane Exp $   */
        
@@ -32,7 +32,7 @@
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: key.c,v 1.69 2011/05/18 18:36:15 drochner Exp $");
+__KERNEL_RCSID(0, "$NetBSD: key.c,v 1.70 2011/05/18 18:56:02 drochner Exp $");
 
 /*
  * This code is referd to RFC 2367
@@ -6138,7 +6138,11 @@
        for (i = 1; i <= SADB_AALG_MAX; i++) {
 #if 1
                /* we prefer HMAC algorithms, not old algorithms */
-               if (i != SADB_AALG_SHA1HMAC && i != SADB_AALG_MD5HMAC)
+               if (i != SADB_AALG_SHA1HMAC &&
+                   i != SADB_AALG_MD5HMAC &&
+                   i != SADB_X_AALG_SHA2_256 &&
+                   i != SADB_X_AALG_SHA2_384 &&
+                   i != SADB_X_AALG_SHA2_512)
                        continue;
 #endif
                algo = ah_algorithm_lookup(i);