CyberLeo.Net >> Repos - FreeBSD/FreeBSD.git/commit

author	ae <ae@FreeBSD.org>
	Thu, 27 Apr 2017 12:16:58 +0000 (12:16 +0000)
committer	ae <ae@FreeBSD.org>
	Thu, 27 Apr 2017 12:16:58 +0000 (12:16 +0000)
commit	50ac70e9ae73d6c1dc2690d5c4e5266ab1a59601
tree	79cab23ec9de3cbda06793ced7044ad940801d19	tree \| snapshot
parent	6286e9852a12088fe739142a3ff25c51f33d539a	commit \| diff

MFC r316759:
  Add large replay widow support to setkey(8) and libipsec.

  When the replay window size is large than UINT8_MAX, add to the request
  the SADB_X_EXT_SA_REPLAY extension header that was added in r309144.

  Also add support of SADB_X_EXT_NAT_T_TYPE, SADB_X_EXT_NAT_T_SPORT,
  SADB_X_EXT_NAT_T_DPORT, SADB_X_EXT_NAT_T_OAI, SADB_X_EXT_NAT_T_OAR,
  SADB_X_EXT_SA_REPLAY, SADB_X_EXT_NEW_ADDRESS_SRC, SADB_X_EXT_NEW_ADDRESS_DST
  extension headers to the key_debug that is used by `setkey -x`.

  Modify kdebug_sockaddr() to use inet_ntop() for IP addresses formatting.
  And modify kdebug_sadb_x_policy() to show policy scope and priority.

  Reviewed by: gnn, Emeric Poupon
  Differential Revision: https://reviews.freebsd.org/D10375

lib/libipsec/pfkey.c		diff \| blob \| history
sbin/setkey/Makefile		diff \| blob \| history
sbin/setkey/parse.y		diff \| blob \| history
sys/netipsec/key_debug.c		diff \| blob \| history