sure OK
On Mon, Oct 26, 2015 at 06:34:46PM +0100, Mike Belopuhov wrote:
> Only useful for dumping SAs.
>
> OK?
>
> ---
> sbin/ipsecctl/ipsecctl.h | 2 +-
> sbin/ipsecctl/parse.y | 1 +
> sbin/ipsecctl/pfkdump.c | 5 +++++
> 3 files changed, 7 insertions(+), 1 deletion(-)
>
> diff --git sbin/ipsecctl/ipsecctl.h sbin/ipsecctl/ipsecctl.h
> index f95440e..51d0665 100644
> --- sbin/ipsecctl/ipsecctl.h
> +++ sbin/ipsecctl/ipsecctl.h
> @@ -65,11 +65,11 @@ enum {
> ENCXF_UNKNOWN, ENCXF_NONE, ENCXF_3DES_CBC, ENCXF_DES_CBC, ENCXF_AES,
> ENCXF_AES_128, ENCXF_AES_192, ENCXF_AES_256, ENCXF_AESCTR,
> ENCXF_AES_128_CTR, ENCXF_AES_192_CTR, ENCXF_AES_256_CTR,
> ENCXF_AES_128_GCM, ENCXF_AES_192_GCM, ENCXF_AES_256_GCM,
> ENCXF_AES_128_GMAC, ENCXF_AES_192_GMAC, ENCXF_AES_256_GMAC,
> - ENCXF_BLOWFISH, ENCXF_CAST128, ENCXF_NULL
> + ENCXF_BLOWFISH, ENCXF_CAST128, ENCXF_CHACHA20_POLY1305, ENCXF_NULL
> };
> enum {
> COMPXF_UNKNOWN, COMPXF_DEFLATE, COMPXF_LZS
> };
> enum {
> diff --git sbin/ipsecctl/parse.y sbin/ipsecctl/parse.y
> index cab02d2..382cc47 100644
> --- sbin/ipsecctl/parse.y
> +++ sbin/ipsecctl/parse.y
> @@ -120,10 +120,11 @@ const struct ipsec_xf encxfs[] = {
> { "aes-128-gmac", ENCXF_AES_128_GMAC, 16+4, 16+4, 1, 1 },
> { "aes-192-gmac", ENCXF_AES_192_GMAC, 24+4, 24+4, 1, 1 },
> { "aes-256-gmac", ENCXF_AES_256_GMAC, 32+4, 32+4, 1, 1 },
> { "blowfish", ENCXF_BLOWFISH, 5, 56, 0, 0 },
> { "cast128", ENCXF_CAST128, 5, 16, 0, 0 },
> + { "chacha20-poly1305", ENCXF_CHACHA20_POLY1305, 32+4, 32+4, 1, 1 },
> { "null", ENCXF_NULL, 0, 0, 0, 0 },
> { NULL, 0, 0, 0, 0, 0 },
> };
>
> const struct ipsec_xf compxfs[] = {
> diff --git sbin/ipsecctl/pfkdump.c sbin/ipsecctl/pfkdump.c
> index feead80..172bf8f 100644
> --- sbin/ipsecctl/pfkdump.c
> +++ sbin/ipsecctl/pfkdump.c
> @@ -149,10 +149,11 @@ struct idname auth_types[] = {
> { SADB_X_AALG_SHA2_384, "hmac-sha2-384", NULL },
> { SADB_X_AALG_SHA2_512, "hmac-sha2-512", NULL },
> { SADB_X_AALG_AES128GMAC, "gmac-aes-128", NULL },
> { SADB_X_AALG_AES192GMAC, "gmac-aes-192", NULL },
> { SADB_X_AALG_AES256GMAC, "gmac-aes-256", NULL },
> + { SADB_X_AALG_CHACHA20POLY1305, "chacha20-poly1305", NULL },
> { 0, NULL, NULL }
> };
>
> struct idname enc_types[] = {
> { SADB_EALG_NONE, "none", NULL },
> @@ -169,10 +170,11 @@ struct idname enc_types[] = {
> { SADB_X_EALG_DES_IV64, "des-iv64", NULL },
> { SADB_X_EALG_IDEA, "idea", NULL },
> { SADB_EALG_NULL, "null", NULL },
> { SADB_X_EALG_RC4, "rc4", NULL },
> { SADB_X_EALG_RC5, "rc5", NULL },
> + { SADB_X_EALG_CHACHA20POLY1305, "chacha20-poly1305", NULL },
> { 0, NULL, NULL }
> };
>
> struct idname comp_types[] = {
> { SADB_X_CALG_NONE, "none", NULL },
> @@ -743,10 +745,13 @@ pfkey_print_sa(struct sadb_msg *msg, int opts)
> xfs.encxf = &encxfs[ENCXF_BLOWFISH];
> break;
> case SADB_X_EALG_CAST:
> xfs.encxf = &encxfs[ENCXF_CAST128];
> break;
> + case SADB_X_EALG_CHACHA20POLY1305:
> + xfs.encxf = &encxfs[ENCXF_CHACHA20_POLY1305];
> + break;
> case SADB_EALG_NULL:
> xfs.encxf = &encxfs[ENCXF_NULL];
> break;
> }
> }
> --
> 2.6.2
>
--
