CVS commit: [netbsd-5] src/crypto/dist/ipsec-tools/src/racoon

[Soren Jacobsen]

Module Name:    src
Committed By:   snj
Date:           Sat Jan 30 19:44:31 UTC 2010

Modified Files:
        src/crypto/dist/ipsec-tools/src/racoon [netbsd-5]: isakmp.c
            racoon.conf.5

Log Message:
Pull up following revision(s) (requested by hubertf in ticket #1281):
        crypto/dist/ipsec-tools/src/racoon/isakmp.c: revision 1.59
        crypto/dist/ipsec-tools/src/racoon/racoon.conf.5: revision 1.57
>From Maik Broemme: export ISAKMP SA identity as REMOTE_ID for phase1 up
script (trac #313).


To generate a diff of this commit:
cvs rdiff -u -r1.42.4.1 -r1.42.4.2 \
    src/crypto/dist/ipsec-tools/src/racoon/isakmp.c
cvs rdiff -u -r1.46.4.1 -r1.46.4.2 \
    src/crypto/dist/ipsec-tools/src/racoon/racoon.conf.5

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.


Modified files:

Index: src/crypto/dist/ipsec-tools/src/racoon/isakmp.c
diff -u src/crypto/dist/ipsec-tools/src/racoon/isakmp.c:1.42.4.1 src/crypto/dist/ipsec-tools/src/racoon/isakmp.c:1.42.4.2
--- src/crypto/dist/ipsec-tools/src/racoon/isakmp.c:1.42.4.1	Sun Feb  8 18:42:16 2009
+++ src/crypto/dist/ipsec-tools/src/racoon/isakmp.c	Sat Jan 30 19:44:31 2010
@@ -1,4 +1,4 @@
-/*	$NetBSD: isakmp.c,v 1.42.4.1 2009/02/08 18:42:16 snj Exp $	*/
+/*	$NetBSD: isakmp.c,v 1.42.4.2 2010/01/30 19:44:31 snj Exp $	*/
 
 /* Id: isakmp.c,v 1.74 2006/05/07 21:32:59 manubsd Exp */
 
@@ -3086,6 +3086,16 @@
 		}
 	}
 
+	/* Peer identity. */
+	if (iph1->id_p != NULL) {
+		if (script_env_append(&envp, &envc, "REMOTE_ID",
+				      ipsecdoi_id2str(iph1->id_p)) != 0) {
+			plog(LLV_ERROR, LOCATION, NULL,
+			     "Cannot set REMOTE_ID\n");
+			goto out;
+		}
+	}
+
 	if (privsep_script_exec(iph1->rmconf->script[script]->v, 
 	    script, envp) != 0) 
 		plog(LLV_ERROR, LOCATION, NULL, 

Index: src/crypto/dist/ipsec-tools/src/racoon/racoon.conf.5
diff -u src/crypto/dist/ipsec-tools/src/racoon/racoon.conf.5:1.46.4.1 src/crypto/dist/ipsec-tools/src/racoon/racoon.conf.5:1.46.4.2
--- src/crypto/dist/ipsec-tools/src/racoon/racoon.conf.5:1.46.4.1	Sun Feb  8 18:42:18 2009
+++ src/crypto/dist/ipsec-tools/src/racoon/racoon.conf.5	Sat Jan 30 19:44:31 2010
@@ -1,4 +1,4 @@
-.\"	$NetBSD: racoon.conf.5,v 1.46.4.1 2009/02/08 18:42:18 snj Exp $
+.\"	$NetBSD: racoon.conf.5,v 1.46.4.2 2010/01/30 19:44:31 snj Exp $
 .\"
 .\"	Id: racoon.conf.5,v 1.54 2006/08/22 18:17:17 manubsd Exp
 .\"
@@ -574,6 +574,8 @@
 The remote address of the phase 1 SA.
 .It Ev REMOTE_PORT
 The remote port used for IKE for the phase 1 SA.
+.It Ev REMOTE_ID
+The remote identity received in IKE for the phase 1 SA.
 .El
 The following variables are only set if
 .Ic mode_cfg