From: jason <jason@openbsd.org>
Date: Tue, 28 Mar 2000 14:30:51 +0000 (+0000)
Subject: fix sanity checks to allow authentication-only ESP
X-Git-Url: http://artulab.com/gitweb/?a=commitdiff_plain;h=a63331ee7b4857e1e2a4b06c9b07d6af308886ca;p=openbsd

fix sanity checks to allow authentication-only ESP
---

diff --git a/sbin/ipsecadm/ipsecadm.c b/sbin/ipsecadm/ipsecadm.c
index ea7ecb0e388..b732e8eb398 100644
--- a/sbin/ipsecadm/ipsecadm.c
+++ b/sbin/ipsecadm/ipsecadm.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ipsecadm.c,v 1.32 2000/02/08 12:50:25 itojun Exp $ */
+/* $OpenBSD: ipsecadm.c,v 1.33 2000/03/28 14:30:51 jason Exp $ */
 /*
  * The authors of this code are John Ioannidis (ji@tla.org),
  * Angelos D. Keromytis (kermit@csd.uch.gr) and 
@@ -1115,9 +1115,10 @@ main(int argc, char **argv)
     }
     
     /* Sanity checks */
-    if ((mode & (ESP_NEW | ESP_OLD)) && enc == 0)
+    if ((mode & (ESP_NEW | ESP_OLD)) && enc == 0 && auth == 0)
     {
-	fprintf(stderr, "%s: no encryption algorithm specified\n",  argv[0]);
+	fprintf(stderr, "%s: no encryption or authentication algorithm "
+		"specified\n",  argv[0]);
 	exit(1);
     }
 
@@ -1128,7 +1129,7 @@ main(int argc, char **argv)
 	exit(1);
     }
 
-    if (((mode & (ESP_NEW | ESP_OLD)) && keyp == NULL) ||
+    if (((mode & (ESP_NEW | ESP_OLD)) && enc && keyp == NULL) ||
         ((mode & (AH_NEW | AH_OLD)) && authp == NULL))
     {
 	fprintf(stderr, "%s: no key material specified\n", argv[0]);