user_fqdn { YYD; yylval.num = IDTYPE_USERFQDN; return(IDENTIFIERTYPE); }
fqdn { YYD; yylval.num = IDTYPE_FQDN; return(IDENTIFIERTYPE); }
keyid { YYD; yylval.num = IDTYPE_KEYID; return(IDENTIFIERTYPE); }
+keyid_use { YYD; yylval.num = IDTYPE_KEYIDUSE; return(IDENTIFIERTYPE); }
address { YYD; yylval.num = IDTYPE_ADDRESS; return(IDENTIFIERTYPE); }
asn1dn { YYD; yylval.num = IDTYPE_ASN1DN; return(IDENTIFIERTYPE); }
certname { YYD; yywarn("certname will be obsoleted in near future."); yylval.num = IDTYPE_ASN1DN; return(IDENTIFIERTYPE); }
ident = getidval(iph1->rmconf->idvtype, iph1->rmconf->idv);
break;
case IDTYPE_KEYID:
+ case IDTYPE_KEYIDUSE:
id_b.type = IPSECDOI_ID_KEY_ID;
ident = getidval(iph1->rmconf->idvtype, iph1->rmconf->idv);
break;
switch (type) {
case IDTYPE_FQDN:
case IDTYPE_USERFQDN:
+ case IDTYPE_KEYIDUSE:
/* length is adjusted since QUOTEDSTRING teminates NULL. */
new = vmalloc(value->l - 1);
if (new == NULL)
#define IDTYPE_KEYID 2
#define IDTYPE_ADDRESS 3
#define IDTYPE_ASN1DN 4
+#define IDTYPE_KEYIDUSE 5
/* shared secret type, it's internal use. */
#define SECRETTYPE_USE 0
pa->type != ISAKMP_NPTYPE_NONE;
pa++)
{
- if (pa->type == ISAKMP_NPTYPE_NATD_RFC ||
- pa->type == ISAKMP_NPTYPE_NATD_DRAFT ||
- pa->type == ISAKMP_NPTYPE_NATD_BADDRAFT)
- {
- if (pa->type != iph1->natd_payload_type) {
- plog(LLV_ERROR, LOCATION, iph1->remote,
- "ignore the packet, "
- "received unexpected natd payload type %d.\n",
- pa->type);
- goto end;
- }
-
+ if (pa->type == iph1->natd_payload_type) {
natd_match_t match = natd_matches(iph1, pa->ptr);
iph1->natt_flags |= natt_natd_received;
if ((match & natd_match_local) != 0)
case ISAKMP_NPTYPE_NATD_DRAFT:
case ISAKMP_NPTYPE_NATD_BADDRAFT:
#ifdef IKE_NAT_T
- if (pa->type != iph1->natd_payload_type) {
- plog(LLV_ERROR, LOCATION, iph1->remote,
- "ignore the packet, "
- "received unexpected natd payload type %d.\n",
- pa->type);
- goto end;
- }
-
- {
+ if (pa->type == iph1->natd_payload_type) {
natd_match_t match = natd_matches(iph1, pa->ptr);
iph1->natt_flags |= natt_natd_received;
if ((match & natd_match_local) != 0)
case ISAKMP_NPTYPE_NATD_DRAFT:
case ISAKMP_NPTYPE_NATD_BADDRAFT:
#ifdef IKE_NAT_T
- {
- natd_match_t match;
- if (pa->type != iph1->natd_payload_type) {
- plog(LLV_ERROR, LOCATION, iph1->remote,
- "ignore the packet, "
- "received unexpected natd payload type %d.\n",
- pa->type);
- goto end;
- }
- match = natd_matches(iph1, pa->ptr);
+ if (pa->type == iph1->natd_payload_type) {
+ natd_match_t match = natd_matches(iph1, pa->ptr);
iph1->natt_flags |= natt_natd_received;
if ((match & natd_match_local) != 0)
iph1->natt_flags |= natt_no_local_nat;
case ISAKMP_NPTYPE_NATD_DRAFT:
case ISAKMP_NPTYPE_NATD_BADDRAFT:
#ifdef IKE_NAT_T
- {
- natd_match_t match;
-
- if (pa->type != iph1->natd_payload_type) {
- plog(LLV_ERROR, LOCATION, iph1->remote,
- "ignore the packet, "
- "received unexpected natd payload type %d.\n",
- pa->type);
- goto end;
- }
- match = natd_matches(iph1, pa->ptr);
+ if (pa->type == iph1->natd_payload_type) {
+ natd_match_t match = natd_matches(iph1, pa->ptr);
iph1->natt_flags |= natt_natd_received;
if ((match & natd_match_local) != 0)
iph1->natt_flags |= natt_no_local_nat;
projects / apple / network_cmds.git / commitdiff
