case CONFIG_CRYPTO:
crypto_enable = 1;
- for (i = 2; i < ntokens; i++) {
- switch (matchkey(tokens[i],
- crypto_keywords)) {
+ for (i = 1; i < ntokens; i++) {
+ int temp;
+ temp = matchkey(tokens[i++], crypto_keywords);
+ if (i > ntokens - 1) {
+ msyslog(LOG_ERR,
+ "crypto: missing file name");
+ errflg++;
+ break;
+ }
+ switch(temp) {
case CONF_CRYPTO_FLAGS:
crypto_config(CRYPTO_CONF_FLAGS,
- tokens[i++]);
+ tokens[i]);
+ break;
case CONF_CRYPTO_DH:
crypto_config(CRYPTO_CONF_DH,
- tokens[i++]);
+ tokens[i]);
break;
case CONF_CRYPTO_PRIVATEKEY:
crypto_config(CRYPTO_CONF_PRIV,
- tokens[i++]);
+ tokens[i]);
break;
case CONF_CRYPTO_PUBLICKEY:
crypto_config(CRYPTO_CONF_PUBL,
- tokens[i++]);
+ tokens[i]);
+ break;
+ default:
+ msyslog(LOG_ERR,
+ "crypto: unknown keyword");
break;
}
}
peer->keyid);
#endif
#ifdef PUBKEY
- if (!(peer->flags & FLAG_SKEY))
+ if (!(peer->flags & FLAG_SKEY) || peer->hmode == MODE_BROADCAST)
return (peer);
crypto_public(peer, keystr);
#endif /* PUBKEY */
conf = "yes";
else
conf = "no";
- if (statval & CTL_PST_REACH) {
+ if (statval & CTL_PST_REACH || 1) {
reach = "yes";
if (statval & CTL_PST_AUTHENABLE) {
if (statval & CTL_PST_AUTHENTIC)