/* $OpenBSD: pf_key_v2.c,v 1.150 2004/09/17 13:53:08 ho Exp $  */
/* $EOM: pf_key_v2.c,v 1.79 2000/12/12 00:33:19 niklas Exp $	 */

/*
 * Copyright (c) 1999, 2000, 2001 Niklas Hallqvist.  All rights reserved.
 * Copyright (c) 1999, 2000, 2001 Angelos D. Keromytis.  All rights reserved.
 * Copyright (c) 2001 Håkan Olsson.  All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 *
 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 */

/*
 * This code was written under funding by Ericsson Radio Systems.
 */

#include <sys/types.h>
#include <sys/ioctl.h>
#include <sys/queue.h>
#include <sys/socket.h>
#include <sys/time.h>
#include <sys/uio.h>

#include "sysdep.h"

#if !defined (LINUX_IPSEC)
#include <net/pfkeyv2.h>
#endif
#include <netinet/in.h>
#ifdef SADB_X_EXT_FLOW_TYPE
#include <sys/mbuf.h>
#include <netinet/ip_ipsp.h>
#endif
#include <arpa/inet.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include <pwd.h>
#include <errno.h>
#include <bitstring.h>

#include "cert.h"
#include "conf.h"
#include "exchange.h"
#include "ipsec.h"
#include "ipsec_num.h"
#include "key.h"
#include "log.h"
#include "pf_key_v2.h"
#include "sa.h"
#include "timer.h"
#include "transport.h"
#include "util.h"

#if defined (USE_KEYNOTE)
#include "policy.h"
#endif

#if defined (USE_NAT_TRAVERSAL)
#include "udp_encap.h"
#endif

#define IN6_IS_ADDR_FULL(a)						\
	((*(u_int32_t *)(void *)(&(a)->s6_addr[0]) == 0xffff) &&	\
	(*(u_int32_t *)(void *)(&(a)->s6_addr[4]) == 0xffff) &&		\
	(*(u_int32_t *)(void *)(&(a)->s6_addr[8]) == 0xffff) &&		\
	(*(u_int32_t *)(void *)(&(a)->s6_addr[12]) == 0xffff))

#define ADDRESS_MAX sizeof "ffff:ffff:ffff:ffff:ffff:ffff:255.255.255.255"

/*
 * PF_KEY v2 always work with 64-bit entities and aligns on 64-bit boundaries.
 */
#define PF_KEY_V2_CHUNK 8
#define PF_KEY_V2_ROUND(x)						\
	(((x) + PF_KEY_V2_CHUNK - 1) & ~(PF_KEY_V2_CHUNK - 1))

/* How many microseconds we will wait for a reply from the PF_KEY socket.  */
#define PF_KEY_REPLY_TIMEOUT 1000

struct pf_key_v2_node {
	TAILQ_ENTRY(pf_key_v2_node) link;
	void           *seg;
	size_t          sz;
	int             cnt;
	u_int16_t       type;
	u_int8_t        flags;
};

TAILQ_HEAD(pf_key_v2_msg, pf_key_v2_node);

#define PF_KEY_V2_NODE_MALLOCED 1
#define PF_KEY_V2_NODE_MARK 2

/* Used to derive "unique" connection identifiers. */
int             connection_seq = 0;

#ifdef KAME
/*
 * KAME requires the sadb_msg_seq of an UPDATE be the same of that of the
 * GETSPI creating the larval SA.
 */
struct pf_key_v2_sa_seq {
	TAILQ_ENTRY(pf_key_v2_sa_seq) link;
	u_int8_t       *spi;
	size_t          sz;
	u_int8_t        proto;
	struct sockaddr *dst;
	int             dstlen;
	u_int32_t       seq;
};

TAILQ_HEAD(, pf_key_v2_sa_seq) pf_key_v2_sa_seq_map;
#endif

#ifndef KAME
static u_int8_t *pf_key_v2_convert_id(u_int8_t *, int, size_t *, int *);
#endif
static struct pf_key_v2_msg *pf_key_v2_call(struct pf_key_v2_msg *);
static struct pf_key_v2_node *pf_key_v2_find_ext(struct pf_key_v2_msg *,
	                u_int16_t);
static void     pf_key_v2_notify(struct pf_key_v2_msg *);
static struct pf_key_v2_msg *pf_key_v2_read(u_int32_t);
static u_int32_t pf_key_v2_seq(void);
static u_int32_t pf_key_v2_write(struct pf_key_v2_msg *);
static int      pf_key_v2_remove_conf(char *);
static int      pf_key_v2_conf_refhandle(int, char *);

#ifdef SADB_X_ASKPOLICY
static int      pf_key_v2_conf_refinc(int, char *);
#endif

/* The socket to use for PF_KEY interactions.  */
int      pf_key_v2_socket;

#ifdef KAME
static int
pf_key_v2_register_sa_seq(u_int8_t *spi, size_t sz, u_int8_t proto,
    struct sockaddr *dst, int dstlen, u_int32_t seq)
{
	struct pf_key_v2_sa_seq *node = 0;

	node = malloc(sizeof *node);
	if (!node)
		goto cleanup;
	memset(node, '0', sizeof *node);
	node->spi = malloc(sz);
	if (!node->spi)
		goto cleanup;
	node->dst = malloc(sysdep_sa_len(dst));
	if (!node->dst)
		goto cleanup;
	memcpy(node->dst, dst, sysdep_sa_len(dst));
	node->dstlen = sysdep_sa_len(dst);
	memcpy(node->spi, spi, sz);
	node->sz = sz;
	node->proto = proto;
	node->seq = seq;
	TAILQ_INSERT_TAIL(&pf_key_v2_sa_seq_map, node, link);
	return 1;

cleanup:
	if (node->dst)
		free(node->dst);
	if (node)
		free(node);
	return 0;
}

static u_int32_t
pf_key_v2_seq_by_sa(u_int8_t *spi, size_t sz, u_int8_t proto,
    struct sockaddr *dst, int dstlen)
{
	struct pf_key_v2_sa_seq *node;

	for (node = TAILQ_FIRST(&pf_key_v2_sa_seq_map); node;
	    node = TAILQ_NEXT(node, link))
		if (node->proto == proto &&
		    node->sz == sz && memcmp(node->spi, spi, sz) == 0 &&
		    node->dstlen == sysdep_sa_len(dst) &&
		    memcmp(node->dst, dst, sysdep_sa_len(dst)) == 0)
			return node->seq;
	return 0;
}
#endif

static struct pf_key_v2_msg *
pf_key_v2_msg_new(struct sadb_msg *msg, int flags)
{
	struct pf_key_v2_node *node = 0;
	struct pf_key_v2_msg *ret;

	node = malloc(sizeof *node);
	if (!node)
		goto cleanup;
	ret = malloc(sizeof *ret);
	if (!ret)
		goto cleanup;
	TAILQ_INIT(ret);
	node->seg = msg;
	node->sz = sizeof *msg;
	node->type = 0;
	node->cnt = 1;
	node->flags = flags;
	TAILQ_INSERT_HEAD(ret, node, link);
	return ret;

cleanup:
	if (node)
		free(node);
	return 0;
}

/* Add a SZ sized segment SEG to the PF_KEY message MSG.  */
static int
pf_key_v2_msg_add(struct pf_key_v2_msg *msg, struct sadb_ext *ext, int flags)
{
	struct pf_key_v2_node *node;

	node = malloc(sizeof *node);
	if (!node)
		return -1;
	node->seg = ext;
	node->sz = ext->sadb_ext_len * PF_KEY_V2_CHUNK;
	node->type = ext->sadb_ext_type;
	node->flags = flags;
	TAILQ_FIRST(msg)->cnt++;
	TAILQ_INSERT_TAIL(msg, node, link);
	return 0;
}

/* Deallocate the PF_KEY message MSG.  */
static void
pf_key_v2_msg_free(struct pf_key_v2_msg *msg)
{
	struct pf_key_v2_node *np;

	np = TAILQ_FIRST(msg);
	while (np) {
		TAILQ_REMOVE(msg, np, link);
		if (np->flags & PF_KEY_V2_NODE_MALLOCED)
			free(np->seg);
		free(np);
		np = TAILQ_FIRST(msg);
	}
	free(msg);
}

/* Just return a new sequence number.  */
static u_int32_t
pf_key_v2_seq(void)
{
	static u_int32_t seq = 0;

	return ++seq;
}

/*
 * Read a PF_KEY packet with SEQ as the sequence number, looping if necessary.
 * If SEQ is zero just read the first message we see, otherwise we queue
 * messages up until both the PID and the sequence number match.
 */
static struct pf_key_v2_msg *
pf_key_v2_read(u_int32_t seq)
{
	ssize_t         n;
	u_int8_t       *buf = 0;
	struct pf_key_v2_msg *ret = 0;
	struct sadb_msg *msg;
	struct sadb_msg hdr;
	struct sadb_ext *ext;
	struct timeval  tv;
	fd_set         *fds;

	while (1) {
		/*
		 * If this is a read of a reply we should actually expect the
		 * reply to get lost as PF_KEY is an unreliable service per
		 * the specs. Currently we do this by setting a short timeout,
		 * and if it is not readable in that time, we fail the read.
	         */
		if (seq) {
			fds = calloc(howmany(pf_key_v2_socket + 1, NFDBITS),
			    sizeof(fd_mask));
			if (!fds) {
				log_error("pf_key_v2_read: "
				    "calloc (%lu, %lu) failed",
				    (unsigned long) howmany(pf_key_v2_socket + 1,
					NFDBITS),
				    (unsigned long) sizeof(fd_mask));
				goto cleanup;
			}
			FD_SET(pf_key_v2_socket, fds);
			tv.tv_sec = 0;
			tv.tv_usec = PF_KEY_REPLY_TIMEOUT;
			n = select(pf_key_v2_socket + 1, fds, 0, 0, &tv);
			free(fds);
			if (n == -1) {
				log_error("pf_key_v2_read: "
				    "select (%d, fds, 0, 0, &tv) failed",
				    pf_key_v2_socket + 1);
				goto cleanup;
			}
			if (!n) {
				log_print("pf_key_v2_read: "
				    "no reply from PF_KEY");
				goto cleanup;
			}
		}
		n = recv(pf_key_v2_socket, &hdr, sizeof hdr, MSG_PEEK);
		if (n == -1) {
			log_error("pf_key_v2_read: recv (%d, ...) failed",
			    pf_key_v2_socket);
			goto cleanup;
		}
		if (n != sizeof hdr) {
			log_error("pf_key_v2_read: recv (%d, ...) "
			    "returned short packet (%lu bytes)",
			    pf_key_v2_socket, (unsigned long) n);
			goto cleanup;
		}
		n = hdr.sadb_msg_len * PF_KEY_V2_CHUNK;
		buf = malloc(n);
		if (!buf) {
			log_error("pf_key_v2_read: malloc (%lu) failed",
			    (unsigned long) n);
			goto cleanup;
		}
		n = read(pf_key_v2_socket, buf, n);
		if (n == -1) {
			log_error("pf_key_v2_read: read (%d, ...) failed",
				  pf_key_v2_socket);
			goto cleanup;
		}
		if (n != hdr.sadb_msg_len * PF_KEY_V2_CHUNK) {
			log_print("pf_key_v2_read: read (%d, ...) "
			    "returned short packet (%lu bytes)",
			    pf_key_v2_socket, (unsigned long) n);
			goto cleanup;
		}
		LOG_DBG_BUF((LOG_SYSDEP, 80, "pf_key_v2_read: msg", buf, n));

		/* We drop all messages that is not what we expect.  */
		msg = (struct sadb_msg *) buf;
		if (msg->sadb_msg_version != PF_KEY_V2 ||
		    (msg->sadb_msg_pid != 0 &&
		    msg->sadb_msg_pid != (u_int32_t) getpid())) {
			if (seq) {
				free(buf);
				buf = 0;
				continue;
			} else {
				LOG_DBG((LOG_SYSDEP, 90, "pf_key_v2_read:"
				    "bad version (%d) or PID (%d, mine is "
				    "%ld), ignored", msg->sadb_msg_version,
				    msg->sadb_msg_pid, (long) getpid()));
				goto cleanup;
			}
		}
		/* Parse the message.  */
		ret = pf_key_v2_msg_new(msg, PF_KEY_V2_NODE_MALLOCED);
		if (!ret)
			goto cleanup;
		buf = 0;
		for (ext = (struct sadb_ext *) (msg + 1);
		    (u_int8_t *) ext - (u_int8_t *) msg <
		    msg->sadb_msg_len * PF_KEY_V2_CHUNK;
		    ext = (struct sadb_ext *) ((u_int8_t *) ext +
		    ext->sadb_ext_len * PF_KEY_V2_CHUNK))
			pf_key_v2_msg_add(ret, ext, 0);

		/*
		 * If the message is not the one we are waiting for, queue it
		 * up.
		 */
		if (seq && (msg->sadb_msg_pid != (u_int32_t) getpid() ||
		    msg->sadb_msg_seq != seq)) {
			gettimeofday(&tv, 0);
			timer_add_event("pf_key_v2_notify",
			    (void (*) (void *)) pf_key_v2_notify, ret, &tv);
			ret = 0;
			continue;
		}
		return ret;
	}

cleanup:
	if (buf)
		free(buf);
	if (ret)
		pf_key_v2_msg_free(ret);
	return 0;
}

/* Write the message in PMSG to the PF_KEY socket.  */
u_int32_t
pf_key_v2_write(struct pf_key_v2_msg *pmsg)
{
	struct iovec   *iov = 0;
	ssize_t         n;
	size_t          len;
	int             i, cnt = TAILQ_FIRST(pmsg)->cnt;
	char            header[80];
	struct sadb_msg *msg = TAILQ_FIRST(pmsg)->seg;
	struct pf_key_v2_node *np = TAILQ_FIRST(pmsg);

	iov = (struct iovec *) malloc(cnt * sizeof *iov);
	if (!iov) {
		log_error("pf_key_v2_write: malloc (%lu) failed",
		    cnt * (unsigned long) sizeof *iov);
		return 0;
	}
	msg->sadb_msg_version = PF_KEY_V2;
	msg->sadb_msg_errno = 0;
	msg->sadb_msg_reserved = 0;
	msg->sadb_msg_pid = getpid();
	if (!msg->sadb_msg_seq)
		msg->sadb_msg_seq = pf_key_v2_seq();

	/* Compute the iovec segments as well as the message length.  */
	len = 0;
	for (i = 0; i < cnt; i++) {
		iov[i].iov_base = np->seg;
		len += iov[i].iov_len = np->sz;

		/*
		 * XXX One can envision setting specific extension fields, like
		 * *_reserved ones here.  For now we require them to be set by the
		 * caller.
	         */

		np = TAILQ_NEXT(np, link);
	}
	msg->sadb_msg_len = len / PF_KEY_V2_CHUNK;

	for (i = 0; i < cnt; i++) {
		snprintf(header, sizeof header, "pf_key_v2_write: iov[%d]", i);
		LOG_DBG_BUF((LOG_SYSDEP, 80, header,
		    (u_int8_t *) iov[i].iov_base, iov[i].iov_len));
	}

	n = writev(pf_key_v2_socket, iov, cnt);
	if (n == -1) {
		log_error("pf_key_v2_write: writev (%d, %p, %d) failed",
		    pf_key_v2_socket, iov, cnt);
		goto cleanup;
	}
	if ((size_t) n != len) {
		log_error("pf_key_v2_write: "
		    "writev (%d, ...) returned prematurely (%lu)",
		    pf_key_v2_socket, (unsigned long) n);
		goto cleanup;
	}
	free(iov);
	return msg->sadb_msg_seq;

cleanup:
	if (iov)
		free(iov);
	return 0;
}

/*
 * Do a PF_KEY "call", i.e. write a message MSG, read the reply and return
 * it to the caller.
 */
static struct pf_key_v2_msg *
pf_key_v2_call(struct pf_key_v2_msg *msg)
{
	u_int32_t       seq;

	seq = pf_key_v2_write(msg);
	if (!seq)
		return 0;
	return pf_key_v2_read(seq);
}

/* Find the TYPE extension in MSG.  Return zero if none found.  */
static struct pf_key_v2_node *
pf_key_v2_find_ext(struct pf_key_v2_msg *msg, u_int16_t type)
{
	struct pf_key_v2_node *ext;

	for (ext = TAILQ_NEXT(TAILQ_FIRST(msg), link); ext;
	    ext = TAILQ_NEXT(ext, link))
		if (ext->type == type)
			return ext;
	return 0;
}

/*
 * Open the PF_KEYv2 sockets and return the descriptor used for notifies.
 * Return -1 for failure and -2 if no notifies will show up.
 */
int
pf_key_v2_open(void)
{
	int             fd = -1, err;
	struct sadb_msg msg;
	struct pf_key_v2_msg *regmsg = 0, *ret = 0;

	/* Open the socket we use to speak to IPsec. */
	pf_key_v2_socket = -1;
	fd = socket(PF_KEY, SOCK_RAW, PF_KEY_V2);
	if (fd == -1) {
		log_error("pf_key_v2_open: "
		    "socket (PF_KEY, SOCK_RAW, PF_KEY_V2) failed");
		goto cleanup;
	}
	pf_key_v2_socket = fd;

	/* Register it to get ESP and AH acquires from the kernel.  */
	msg.sadb_msg_seq = 0;
	msg.sadb_msg_type = SADB_REGISTER;
	msg.sadb_msg_satype = SADB_SATYPE_ESP;
	regmsg = pf_key_v2_msg_new(&msg, 0);
	if (!regmsg)
		goto cleanup;
	ret = pf_key_v2_call(regmsg);
	pf_key_v2_msg_free(regmsg);
	if (!ret)
		goto cleanup;
	err = ((struct sadb_msg *)TAILQ_FIRST(ret)->seg)->sadb_msg_errno;
	if (err) {
		log_print("pf_key_v2_open: REGISTER: %s", strerror(err));
		goto cleanup;
	}
	/* XXX Register the accepted transforms.  */

	pf_key_v2_msg_free(ret);
	ret = 0;

	msg.sadb_msg_seq = 0;
	msg.sadb_msg_type = SADB_REGISTER;
	msg.sadb_msg_satype = SADB_SATYPE_AH;
	regmsg = pf_key_v2_msg_new(&msg, 0);
	if (!regmsg)
		goto cleanup;
	ret = pf_key_v2_call(regmsg);
	pf_key_v2_msg_free(regmsg);
	if (!ret)
		goto cleanup;
	err = ((struct sadb_msg *)TAILQ_FIRST(ret)->seg)->sadb_msg_errno;
	if (err) {
		log_print("pf_key_v2_open: REGISTER: %s", strerror(err));
		goto cleanup;
	}
	/* XXX Register the accepted transforms.  */

	pf_key_v2_msg_free(ret);
	ret = 0;

#ifdef SADB_X_SATYPE_IPCOMP
	msg.sadb_msg_seq = 0;
	msg.sadb_msg_type = SADB_REGISTER;
	msg.sadb_msg_satype = SADB_X_SATYPE_IPCOMP;
	regmsg = pf_key_v2_msg_new(&msg, 0);
	if (!regmsg)
		goto cleanup;
	ret = pf_key_v2_call(regmsg);
	pf_key_v2_msg_free(regmsg);
	if (!ret)
		goto cleanup;
	err = ((struct sadb_msg *)TAILQ_FIRST(ret)->seg)->sadb_msg_errno;
	if (err) {
		log_print("pf_key_v2_open: REGISTER: %s", strerror(err));
		goto cleanup;
	}
	/* XXX Register the accepted transforms.  */

	pf_key_v2_msg_free(ret);
#endif /* SADB_X_SATYPE_IPCOMP */

#ifdef KAME
	TAILQ_INIT(&pf_key_v2_sa_seq_map);
#endif

	return fd;

cleanup:
	if (pf_key_v2_socket != -1) {
		close(pf_key_v2_socket);
		pf_key_v2_socket = -1;
	}
	if (ret)
		pf_key_v2_msg_free(ret);
	return -1;
}

/*
 * Generate a SPI for protocol PROTO and the source/destination pair given by
 * SRC, SRCLEN, DST & DSTLEN.  Stash the SPI size in SZ.
 */
u_int8_t *
pf_key_v2_get_spi(size_t *sz, u_int8_t proto, struct sockaddr *src,
    struct sockaddr *dst, u_int32_t seq)
{
	struct sadb_msg msg;
	struct sadb_sa *sa;
	struct sadb_address *addr = 0;
	struct sadb_spirange spirange;
	struct pf_key_v2_msg *getspi = 0, *ret = 0;
	struct pf_key_v2_node *ext;
	u_int8_t       *spi = 0;
	int             len, err;
#ifdef KAME
	struct sadb_x_sa2 ssa2;
#endif

	msg.sadb_msg_type = SADB_GETSPI;
	switch (proto) {
	case IPSEC_PROTO_IPSEC_ESP:
		msg.sadb_msg_satype = SADB_SATYPE_ESP;
		break;
	case IPSEC_PROTO_IPSEC_AH:
		msg.sadb_msg_satype = SADB_SATYPE_AH;
		break;
#ifdef SADB_X_SATYPE_IPCOMP
	case IPSEC_PROTO_IPCOMP:
		msg.sadb_msg_satype = SADB_X_SATYPE_IPCOMP;
		break;
#endif
	default:
		log_print("pf_key_v2_get_spi: invalid proto %d", proto);
		goto cleanup;
	}

	/* Set the sequence number from the ACQUIRE message. */
	msg.sadb_msg_seq = seq;
	getspi = pf_key_v2_msg_new(&msg, 0);
	if (!getspi)
		goto cleanup;

#ifdef KAME
	memset(&ssa2, 0, sizeof ssa2);
	ssa2.sadb_x_sa2_exttype = SADB_X_EXT_SA2;
	ssa2.sadb_x_sa2_len = sizeof ssa2 / PF_KEY_V2_CHUNK;
	ssa2.sadb_x_sa2_mode = 0;
	if (pf_key_v2_msg_add(getspi, (struct sadb_ext *)&ssa2, 0) == -1)
		goto cleanup;
#endif

	/* Setup the ADDRESS extensions.  */
	len =
	    sizeof(struct sadb_address) + PF_KEY_V2_ROUND(sysdep_sa_len(src));
	addr = calloc(1, len);
	if (!addr)
		goto cleanup;
	addr->sadb_address_exttype = SADB_EXT_ADDRESS_SRC;
	addr->sadb_address_len = len / PF_KEY_V2_CHUNK;
#ifndef __OpenBSD__
	addr->sadb_address_proto = 0;
	addr->sadb_address_prefixlen = 0;
#endif
	addr->sadb_address_reserved = 0;
	memcpy(addr + 1, src, sysdep_sa_len(src));
	switch (((struct sockaddr *) (addr + 1))->sa_family) {
	case AF_INET:
		((struct sockaddr_in *) (addr + 1))->sin_port = 0;
		break;
	case AF_INET6:
		((struct sockaddr_in6 *) (addr + 1))->sin6_port = 0;
		break;
	}
	if (pf_key_v2_msg_add(getspi, (struct sadb_ext *) addr,
	    PF_KEY_V2_NODE_MALLOCED) == -1)
		goto cleanup;
	addr = 0;

	len =
	    sizeof(struct sadb_address) + PF_KEY_V2_ROUND(sysdep_sa_len(dst));
	addr = calloc(1, len);
	if (!addr)
		goto cleanup;
	addr->sadb_address_exttype = SADB_EXT_ADDRESS_DST;
	addr->sadb_address_len = len / PF_KEY_V2_CHUNK;
#ifndef __OpenBSD__
	addr->sadb_address_proto = 0;
	addr->sadb_address_prefixlen = 0;
#endif
	addr->sadb_address_reserved = 0;
	memcpy(addr + 1, dst, sysdep_sa_len(dst));
	switch (((struct sockaddr *) (addr + 1))->sa_family) {
	case AF_INET:
		((struct sockaddr_in *) (addr + 1))->sin_port = 0;
		break;
	case AF_INET6:
		((struct sockaddr_in6 *) (addr + 1))->sin6_port = 0;
		break;
	}
	if (pf_key_v2_msg_add(getspi, (struct sadb_ext *) addr,
	    PF_KEY_V2_NODE_MALLOCED) == -1)
		goto cleanup;
	addr = 0;

	/* Setup the SPIRANGE extension.  */
	spirange.sadb_spirange_exttype = SADB_EXT_SPIRANGE;
	spirange.sadb_spirange_len = sizeof spirange / PF_KEY_V2_CHUNK;
	if (proto == IPSEC_PROTO_IPCOMP) {
		spirange.sadb_spirange_min = CPI_RESERVED_MAX + 1;
		spirange.sadb_spirange_max = CPI_PRIVATE_MIN - 1;
	} else {
		spirange.sadb_spirange_min = IPSEC_SPI_LOW;
		spirange.sadb_spirange_max = 0xffffffff;
	}
	spirange.sadb_spirange_reserved = 0;
	if (pf_key_v2_msg_add(getspi, (struct sadb_ext *)&spirange, 0) == -1)
		goto cleanup;

	ret = pf_key_v2_call(getspi);
	pf_key_v2_msg_free(getspi);
	getspi = 0;
	if (!ret)
		goto cleanup;
	err = ((struct sadb_msg *)TAILQ_FIRST(ret)->seg)->sadb_msg_errno;
	if (err) {
		log_print("pf_key_v2_get_spi: GETSPI: %s", strerror(err));
		goto cleanup;
	}
	ext = pf_key_v2_find_ext(ret, SADB_EXT_SA);
	if (!ext) {
		log_print("pf_key_v2_get_spi: no SA extension found");
		goto cleanup;
	}
	sa = ext->seg;

	/* IPCOMP CPIs are only 16 bits long.  */
	*sz = (proto == IPSEC_PROTO_IPCOMP) ? sizeof(u_int16_t)
		: sizeof sa->sadb_sa_spi;
	spi = malloc(*sz);
	if (!spi)
		goto cleanup;
	/* XXX This is ugly.  */
	if (proto == IPSEC_PROTO_IPCOMP) {
		u_int32_t       tspi = ntohl(sa->sadb_sa_spi);
		*(u_int16_t *) spi = htons((u_int16_t) tspi);
	} else
		memcpy(spi, &sa->sadb_sa_spi, *sz);

#ifdef KAME
	if (!pf_key_v2_register_sa_seq(spi, *sz, proto, dst,
	    sysdep_sa_len(dst),
	    ((struct sadb_msg *) (TAILQ_FIRST(ret)->seg))->sadb_msg_seq))
		goto cleanup;
#endif
	pf_key_v2_msg_free(ret);

	LOG_DBG_BUF((LOG_SYSDEP, 50, "pf_key_v2_get_spi: spi", spi, *sz));
	return spi;

cleanup:
	if (spi)
		free(spi);
	if (addr)
		free(addr);
	if (getspi)
		pf_key_v2_msg_free(getspi);
	if (ret)
		pf_key_v2_msg_free(ret);
	return 0;
}

/* Fetch SA information from the kernel. XXX OpenBSD only?  */
struct sa_kinfo *
pf_key_v2_get_kernel_sa(u_int8_t *spi, size_t spi_sz, u_int8_t proto,
    struct sockaddr *dst)
{
	struct sadb_msg msg;
	struct sadb_sa *ssa;
	struct sadb_address *addr = 0;
	struct sockaddr *sa;
	struct sadb_lifetime *life;
	struct pf_key_v2_msg *gettdb = 0, *ret = 0;
	struct pf_key_v2_node *ext;
	static struct sa_kinfo ksa;
#if defined (SADB_X_EXT_UDPENCAP)
	struct sadb_x_udpencap *udpencap;
#endif
	int len, err;

	if (spi_sz != sizeof (ssa->sadb_sa_spi))
		return 0;

	msg.sadb_msg_type = SADB_GET;
	switch (proto) {
	case IPSEC_PROTO_IPSEC_ESP:
		msg.sadb_msg_satype = SADB_SATYPE_ESP;
		break;
	case IPSEC_PROTO_IPSEC_AH:
		msg.sadb_msg_satype = SADB_SATYPE_AH;
		break;
#ifdef SADB_X_SATYPE_IPCOMP
	case IPSEC_PROTO_IPCOMP:
		msg.sadb_msg_satype = SADB_X_SATYPE_IPCOMP;
		break;
#endif
	default:
		log_print("pf_key_v2_get_kernel_sa: invalid proto %d", proto);
		goto cleanup;
	}

	gettdb = pf_key_v2_msg_new(&msg, 0);
	if (!gettdb)
		goto cleanup;

	/* SPI */
	ssa = (struct sadb_sa *)calloc(1, sizeof *ssa);
	if (!ssa) {
		log_print("pf_key_v2_get_kernel_sa: calloc(1, %lu) failed",
		    (unsigned long)sizeof *ssa);
		goto cleanup;
	}
	
	ssa->sadb_sa_exttype = SADB_EXT_SA;
	ssa->sadb_sa_len = sizeof *ssa / PF_KEY_V2_CHUNK;
	memcpy(&ssa->sadb_sa_spi, spi, sizeof ssa->sadb_sa_spi);
	ssa->sadb_sa_state = SADB_SASTATE_MATURE;
	if (pf_key_v2_msg_add(gettdb, (struct sadb_ext *)ssa,
	    PF_KEY_V2_NODE_MALLOCED) == -1)
		goto cleanup;
	ssa = 0;

	/* XXX KAME SADB_X_EXT_xyz here? */

	/* Address */
	len =
	    sizeof(struct sadb_address) + PF_KEY_V2_ROUND(sysdep_sa_len(dst));
	addr = calloc(1, len);
	if (!addr)
		goto cleanup;
	addr->sadb_address_exttype = SADB_EXT_ADDRESS_DST;
	addr->sadb_address_len = len / PF_KEY_V2_CHUNK;
#ifndef __OpenBSD__
	addr->sadb_address_proto = 0;
	addr->sadb_address_prefixlen = 0;
#endif
	addr->sadb_address_reserved = 0;
	memcpy(addr + 1, dst, sysdep_sa_len(dst));
	switch (((struct sockaddr *) (addr + 1))->sa_family) {
	case AF_INET:
		((struct sockaddr_in *) (addr + 1))->sin_port = 0;
		break;
	case AF_INET6:
		((struct sockaddr_in6 *) (addr + 1))->sin6_port = 0;
		break;
	}
	if (pf_key_v2_msg_add(gettdb, (struct sadb_ext *)addr,
	    PF_KEY_V2_NODE_MALLOCED) == -1)
		goto cleanup;
	addr = 0;

	ret = pf_key_v2_call(gettdb);
	pf_key_v2_msg_free(gettdb);
	gettdb = 0;
	if (!ret)
		goto cleanup;
	err = ((struct sadb_msg *)TAILQ_FIRST(ret)->seg)->sadb_msg_errno;
	if (err) {
		log_print("pf_key_v2_get_kernel_sa: SADB_GET: %s",
		    strerror(err));
		goto cleanup;
	}

	/* Extract the data.  */
	memset(&ksa, 0, sizeof ksa);

	ext = pf_key_v2_find_ext(ret, SADB_EXT_SA);
	if (!ext)
		goto cleanup;
	
	ssa = (struct sadb_sa *)ext;
	ksa.spi = ssa->sadb_sa_spi;
	ksa.wnd = ssa->sadb_sa_replay;
	ksa.flags = ssa->sadb_sa_flags;

	ext = pf_key_v2_find_ext(ret, SADB_EXT_LIFETIME_CURRENT);
	if (ext) {
		life = (struct sadb_lifetime *)ext->seg;
		ksa.cur_allocations = life->sadb_lifetime_allocations;
		ksa.cur_bytes =	life->sadb_lifetime_bytes;
		ksa.first_use = life->sadb_lifetime_usetime;
		ksa.established = life->sadb_lifetime_addtime;
	}

	ext = pf_key_v2_find_ext(ret, SADB_EXT_LIFETIME_SOFT);
	if (ext) {
		life = (struct sadb_lifetime *)ext->seg;
		ksa.soft_allocations = life->sadb_lifetime_allocations;
		ksa.soft_bytes = life->sadb_lifetime_bytes;
		ksa.soft_timeout = life->sadb_lifetime_addtime;
		ksa.soft_first_use = life->sadb_lifetime_usetime;
	}
	
	ext = pf_key_v2_find_ext(ret, SADB_EXT_LIFETIME_HARD);
	if (ext) {
		life = (struct sadb_lifetime *)ext->seg;
		ksa.exp_allocations = life->sadb_lifetime_allocations;
		ksa.exp_bytes = life->sadb_lifetime_bytes;
		ksa.exp_timeout = life->sadb_lifetime_addtime;
		ksa.exp_first_use = life->sadb_lifetime_usetime;
	}

#if defined (SADB_X_EXT_LIFETIME_LASTUSE)	
	ext = pf_key_v2_find_ext(ret, SADB_X_EXT_LIFETIME_LASTUSE);
	if (ext) {
		life = (struct sadb_lifetime *)ext->seg;
		ksa.last_used = life->sadb_lifetime_usetime;
	}
#endif

	ext = pf_key_v2_find_ext(ret, SADB_EXT_ADDRESS_SRC);
	if (ext) {
		sa = (struct sockaddr *)ext->seg;
		memcpy(&ksa.src, sa,
		    sa->sa_family == AF_INET ? sizeof(struct sockaddr_in) :
		    sizeof(struct sockaddr_in6));
	}
	
	ext = pf_key_v2_find_ext(ret, SADB_EXT_ADDRESS_DST);
	if (ext) {
		sa = (struct sockaddr *)ext->seg;
		memcpy(&ksa.dst, sa,
		    sa->sa_family == AF_INET ? sizeof(struct sockaddr_in) :
		    sizeof(struct sockaddr_in6));
	}

	ext = pf_key_v2_find_ext(ret, SADB_EXT_ADDRESS_PROXY);
	if (ext) {
		sa = (struct sockaddr *)ext->seg;
		memcpy(sa, &ksa.proxy,
		    sa->sa_family == AF_INET ? sizeof(struct sockaddr_in) :
		    sizeof(struct sockaddr_in6));
	}

#if defined (SADB_X_EXT_UDPENCAP)
	ext = pf_key_v2_find_ext(ret, SADB_X_EXT_UDPENCAP);
	if (ext) {
		udpencap = (struct sadb_x_udpencap *)ext->seg;
		ksa.udpencap_port = udpencap->sadb_x_udpencap_port;
	}
#endif

	pf_key_v2_msg_free(ret);

	LOG_DBG_BUF((LOG_SYSDEP, 50, "pf_key_v2_get_kernel_sa: spi", spi,
	    spi_sz));

	return &ksa;
	
  cleanup:
	if (addr)
		free (addr);
	if (gettdb)
		pf_key_v2_msg_free(gettdb);
	if (ret)
		pf_key_v2_msg_free(ret);
	return 0;
}

static void
pf_key_v2_setup_sockaddr(void *res, struct sockaddr *src,
    struct sockaddr *dst, in_port_t port, int ingress)
{
	struct sockaddr_in *ip4_sa;
	struct sockaddr_in6 *ip6_sa;
	u_int8_t       *p;

	switch (src->sa_family) {
	case AF_INET:
		ip4_sa = (struct sockaddr_in *) res;
		ip4_sa->sin_family = AF_INET;
#ifndef USE_OLD_SOCKADDR
		ip4_sa->sin_len = sizeof *ip4_sa;
#endif
		ip4_sa->sin_port = port;
		if (dst)
			p = (u_int8_t *) (ingress ?
			    &((struct sockaddr_in *)src)->sin_addr.s_addr :
			    &((struct sockaddr_in *)dst)->sin_addr.s_addr);
		else
			p = (u_int8_t *)&((struct sockaddr_in *)src)->sin_addr.s_addr;
		ip4_sa->sin_addr.s_addr = *((in_addr_t *) p);
		break;

	case AF_INET6:
		ip6_sa = (struct sockaddr_in6 *) res;
		ip6_sa->sin6_family = AF_INET6;
#ifndef USE_OLD_SOCKADDR
		ip6_sa->sin6_len = sizeof *ip6_sa;
#endif
		ip6_sa->sin6_port = port;
		if (dst)
			p = (u_int8_t *) (ingress ?
			    &((struct sockaddr_in6 *)src)->sin6_addr.s6_addr :
			    &((struct sockaddr_in6 *)dst)->sin6_addr.s6_addr);
		else
			p = (u_int8_t *)&((struct sockaddr_in6 *)src)->sin6_addr.s6_addr;
		memcpy(ip6_sa->sin6_addr.s6_addr, p, sizeof(struct in6_addr));
		break;

	default:
		log_print("pf_key_v2_setup_sockaddr: unknown family %d\n",
		    src->sa_family);
		break;
	}
}

/*
 * Store/update a PF_KEY_V2 security association with full information from the
 * IKE SA and PROTO into the kernel.  INCOMING is set if we are setting the
 * parameters for the incoming SA, and cleared otherwise.
 */
int
pf_key_v2_set_spi(struct sa *sa, struct proto *proto, int incoming,
    struct sa *isakmp_sa)
{
	struct sadb_msg msg;
	struct sadb_sa  ssa;
	struct sadb_lifetime *life = 0;
	struct sadb_address *addr = 0;
	struct sadb_key *key = 0;
	struct sadb_ident *sid = 0;
	struct sockaddr *src, *dst;
	struct pf_key_v2_msg *update = 0, *ret = 0;
	struct ipsec_proto *iproto = proto->data;
	size_t          len;
	int             keylen, hashlen, err;
#ifndef KAME
	u_int8_t       *pp;
	int             idtype;
#else				/* KAME */
	struct sadb_x_sa2 ssa2;
#endif
#if defined (SADB_X_CREDTYPE_NONE) || defined (SADB_X_AUTHTYPE_NONE)
	struct ipsec_sa *isa = sa->data;
	struct sadb_x_cred *cred;
	struct sadb_protocol flowtype, tprotocol;
#endif
#if defined (USE_NAT_TRAVERSAL) && defined (SADB_X_EXT_UDPENCAP)
	struct sadb_x_udpencap udpencap;
#elif defined (USE_NAT_TRAVERSAL) && defined (SADB_X_EXT_NAT_T_TYPE)
	struct sadb_x_nat_t_type nat_t_type;
	struct sadb_x_nat_t_port nat_t_sport;
	struct sadb_x_nat_t_port nat_t_dport;
#endif
#ifdef USE_DEBUG
	char           *addr_str;
#endif

	msg.sadb_msg_type = incoming ? SADB_UPDATE : SADB_ADD;
	switch (proto->proto) {
	case IPSEC_PROTO_IPSEC_ESP:
		msg.sadb_msg_satype = SADB_SATYPE_ESP;
		keylen = ipsec_esp_enckeylength(proto);
		hashlen = ipsec_esp_authkeylength(proto);

		switch (proto->id) {
		case IPSEC_ESP_DES:
		case IPSEC_ESP_DES_IV32:
		case IPSEC_ESP_DES_IV64:
			ssa.sadb_sa_encrypt = SADB_EALG_DESCBC;
			break;

		case IPSEC_ESP_3DES:
			ssa.sadb_sa_encrypt = SADB_EALG_3DESCBC;
			break;

#ifdef SADB_X_EALG_AES
		case IPSEC_ESP_AES:
			/* case IPSEC_ESP_AES_128_CTR: */
			ssa.sadb_sa_encrypt = SADB_X_EALG_AES;
			break;
#endif

#ifdef SADB_X_EALG_CAST
		case IPSEC_ESP_CAST:
			ssa.sadb_sa_encrypt = SADB_X_EALG_CAST;
			break;
#endif

#ifdef SADB_X_EALG_BLF
		case IPSEC_ESP_BLOWFISH:
			ssa.sadb_sa_encrypt = SADB_X_EALG_BLF;
			break;
#endif

		default:
			LOG_DBG((LOG_SYSDEP, 50, "pf_key_v2_set_spi: "
			    "unknown encryption algorithm %d", proto->id));
			return -1;
		}

		switch (iproto->auth) {
		case IPSEC_AUTH_HMAC_MD5:
#ifdef SADB_AALG_MD5HMAC96
			ssa.sadb_sa_auth = SADB_AALG_MD5HMAC96;
#else
			ssa.sadb_sa_auth = SADB_AALG_MD5HMAC;
#endif
			break;

		case IPSEC_AUTH_HMAC_SHA:
#ifdef SADB_AALG_SHA1HMAC96
			ssa.sadb_sa_auth = SADB_AALG_SHA1HMAC96;
#else
			ssa.sadb_sa_auth = SADB_AALG_SHA1HMAC;
#endif
			break;

#ifndef KAME
		case IPSEC_AUTH_HMAC_RIPEMD:
#ifdef SADB_X_AALG_RIPEMD160HMAC96
			ssa.sadb_sa_auth = SADB_X_AALG_RIPEMD160HMAC96;
#elif defined (SADB_X_AALG_RIPEMD160HMAC)
			ssa.sadb_sa_auth = SADB_X_AALG_RIPEMD160HMAC;
#elif defined (SADB_X_AALG_RIPEMD160)
			ssa.sadb_sa_auth = SADB_X_AALG_RIPEMD160;
#else
			ssa.sadb_sa_auth = SADB_AALG_RIPEMD160HMAC;
#endif
			break;
#endif

#ifdef SADB_X_AALG_SHA2_256
		case IPSEC_AUTH_HMAC_SHA2_256:
			ssa.sadb_sa_auth = SADB_X_AALG_SHA2_256;
			break;
#endif

#ifdef SADB_X_AALG_SHA2_384
		case IPSEC_AUTH_HMAC_SHA2_384:
			ssa.sadb_sa_auth = SADB_X_AALG_SHA2_384;
			break;
#endif

#ifdef SADB_X_AALG_SHA2_512
		case IPSEC_AUTH_HMAC_SHA2_512:
			ssa.sadb_sa_auth = SADB_X_AALG_SHA2_512;
			break;
#endif

		case IPSEC_AUTH_DES_MAC:
		case IPSEC_AUTH_KPDK:
			/* XXX We should be supporting KPDK */
			LOG_DBG((LOG_SYSDEP, 50, "pf_key_v2_set_spi: "
			    "unknown authentication algorithm %d",
			    iproto->auth));
			return -1;

		default:
			ssa.sadb_sa_auth = SADB_AALG_NONE;
		}
		break;

	case IPSEC_PROTO_IPSEC_AH:
		msg.sadb_msg_satype = SADB_SATYPE_AH;
		hashlen = ipsec_ah_keylength(proto);
		keylen = 0;

		ssa.sadb_sa_encrypt = SADB_EALG_NONE;
		switch (proto->id) {
		case IPSEC_AH_MD5:
#ifdef SADB_AALG_MD5HMAC96
			ssa.sadb_sa_auth = SADB_AALG_MD5HMAC96;
#else
			ssa.sadb_sa_auth = SADB_AALG_MD5HMAC;
#endif
			break;

		case IPSEC_AH_SHA:
#ifdef SADB_AALG_SHA1HMAC96
			ssa.sadb_sa_auth = SADB_AALG_SHA1HMAC96;
#else
			ssa.sadb_sa_auth = SADB_AALG_SHA1HMAC;
#endif
			break;

#ifndef KAME
		case IPSEC_AH_RIPEMD:
#ifdef SADB_X_AALG_RIPEMD160HMAC96
			ssa.sadb_sa_auth = SADB_X_AALG_RIPEMD160HMAC96;
#elif defined (SADB_X_AALG_RIPEMD160HMAC)
			ssa.sadb_sa_auth = SADB_X_AALG_RIPEMD160HMAC;
#elif defined (SADB_X_AALG_RIPEMD160)
			ssa.sadb_sa_auth = SADB_X_AALG_RIPEMD160;
#else
			ssa.sadb_sa_auth = SADB_AALG_RIPEMD160HMAC;
#endif
			break;
#endif

#ifdef SADB_X_AALG_SHA2_256
		case IPSEC_AH_SHA2_256:
			ssa.sadb_sa_auth = SADB_X_AALG_SHA2_256;
			break;
#endif

#ifdef SADB_X_AALG_SHA2_384
		case IPSEC_AH_SHA2_384:
			ssa.sadb_sa_auth = SADB_X_AALG_SHA2_384;
			break;
#endif

#ifdef SADB_X_AALG_SHA2_512
		case IPSEC_AH_SHA2_512:
			ssa.sadb_sa_auth = SADB_X_AALG_SHA2_512;
			break;
#endif

		default:
			LOG_DBG((LOG_SYSDEP, 50, "pf_key_v2_set_spi: "
			    "unknown authentication algorithm %d", proto->id));
			goto cleanup;
		}
		break;

#ifdef SADB_X_SATYPE_IPCOMP
	case IPSEC_PROTO_IPCOMP:
		msg.sadb_msg_satype = SADB_X_SATYPE_IPCOMP;
		ssa.sadb_sa_auth = SADB_AALG_NONE;
		keylen = 0;
		hashlen = 0;

		/*
		 * Put compression algorithm type in the sadb_sa_encrypt
		 * field.
		 */
		switch (proto->id) {
#ifdef SADB_X_CALG_OUI
		case IPSEC_IPCOMP_OUI:
			ssa.sadb_sa_encrypt = SADB_X_CALG_OUI;
			break;
#endif

#ifdef SADB_X_CALG_DEFLATE
		case IPSEC_IPCOMP_DEFLATE:
			ssa.sadb_sa_encrypt = SADB_X_CALG_DEFLATE;
			break;
#endif

#ifdef SADB_X_CALG_LZS
		case IPSEC_IPCOMP_LZS:
			ssa.sadb_sa_encrypt = SADB_X_CALG_LZS;
			break;
#endif

#ifdef SADB_X_CALG_V42BIS
		case IPSEC_IPCOMP_V42BIS:
			ssa.sadb_sa_encrypt = SADB_X_CALG_V42BIS;
			break;
#endif

		default:
			break;
		}
		break;
#endif /* SADB_X_SATYPE_IPCOMP */

	default:
		log_print("pf_key_v2_set_spi: invalid proto %d", proto->proto);
		goto cleanup;
	}
	if (incoming) {
		sa->transport->vtbl->get_src(sa->transport, &dst);
		sa->transport->vtbl->get_dst(sa->transport, &src);
	}
	else {
		sa->transport->vtbl->get_dst(sa->transport, &dst);
		sa->transport->vtbl->get_src(sa->transport, &src);
	}

#ifdef KAME
	msg.sadb_msg_seq = (incoming ?
	    pf_key_v2_seq_by_sa(proto->spi[incoming], sizeof ssa.sadb_sa_spi,
	    proto->proto, dst, sysdep_sa_len(dst)) : 0);
#else
	msg.sadb_msg_seq = sa->seq;
#endif
	update = pf_key_v2_msg_new(&msg, 0);
	if (!update)
		goto cleanup;

#ifdef KAME
	memset(&ssa2, 0, sizeof ssa2);
	ssa2.sadb_x_sa2_exttype = SADB_X_EXT_SA2;
	ssa2.sadb_x_sa2_len = sizeof ssa2 / PF_KEY_V2_CHUNK;
#if defined (LINUX_IPSEC)
	if (iproto->encap_mode == IPSEC_ENCAP_TUNNEL)
		ssa2.sadb_x_sa2_mode = IPSEC_MODE_TUNNEL;
	else
		ssa2.sadb_x_sa2_mode = IPSEC_MODE_TRANSPORT;
#else
	ssa2.sadb_x_sa2_mode = 0;
#endif
	if (pf_key_v2_msg_add(update, (struct sadb_ext *)&ssa2, 0) == -1)
		goto cleanup;
#endif

	/* Setup the rest of the SA extension.  */
	ssa.sadb_sa_exttype = SADB_EXT_SA;
	ssa.sadb_sa_len = sizeof ssa / PF_KEY_V2_CHUNK;
	if (proto->spi_sz[incoming] == 2)	/* IPCOMP uses 16bit CPIs.  */
		ssa.sadb_sa_spi = htonl(proto->spi[incoming][0] << 8 |
		    proto->spi[incoming][1]);
	else
		memcpy(&ssa.sadb_sa_spi, proto->spi[incoming],
		    sizeof ssa.sadb_sa_spi);
	ssa.sadb_sa_replay = conf_get_str("General", "Shared-SADB") ? 0 :
	    iproto->replay_window;
	ssa.sadb_sa_state = SADB_SASTATE_MATURE;
	ssa.sadb_sa_flags = 0;
#ifdef SADB_X_SAFLAGS_TUNNEL
	if (iproto->encap_mode == IPSEC_ENCAP_TUNNEL ||
	    iproto->encap_mode == IPSEC_ENCAP_UDP_ENCAP_TUNNEL ||
	    iproto->encap_mode == IPSEC_ENCAP_UDP_ENCAP_TUNNEL_DRAFT)
		ssa.sadb_sa_flags = SADB_X_SAFLAGS_TUNNEL;
#endif

	if (isakmp_sa->flags & SA_FLAG_NAT_T_ENABLE) {
#if defined (USE_NAT_TRAVERSAL) && defined (SADB_X_EXT_UDPENCAP)
		memset(&udpencap, 0, sizeof udpencap);
		ssa.sadb_sa_flags |= SADB_X_SAFLAGS_UDPENCAP;
		udpencap.sadb_x_udpencap_exttype = SADB_X_EXT_UDPENCAP;
		udpencap.sadb_x_udpencap_len =
		    sizeof udpencap / PF_KEY_V2_CHUNK;
		udpencap.sadb_x_udpencap_port = sockaddr_port(dst);
		if (pf_key_v2_msg_add(update, (struct sadb_ext *)&udpencap, 0)
		    == -1)
			goto cleanup;
#elif defined (USE_NAT_TRAVERSAL) && defined (SADB_X_EXT_NAT_T_TYPE)
#ifndef UDP_ENCAP_ESPINUDP
#define UDP_ENCAP_ESPINUDP	2
#endif
		memset(&nat_t_type, 0, sizeof nat_t_type);
		memset(&nat_t_sport, 0, sizeof nat_t_sport);
		memset(&nat_t_dport, 0, sizeof nat_t_dport);

		/* type = draft-udp-encap-06 */
		nat_t_type.sadb_x_nat_t_type_len = sizeof nat_t_type / PF_KEY_V2_CHUNK;
		nat_t_type.sadb_x_nat_t_type_exttype = SADB_X_EXT_NAT_T_TYPE;
		nat_t_type.sadb_x_nat_t_type_type = UDP_ENCAP_ESPINUDP;
		if(pf_key_v2_msg_add(update, (struct sadb_ext *)&nat_t_type, 0) == -1)
			goto cleanup;

		/* source port */
		nat_t_sport.sadb_x_nat_t_port_len = sizeof nat_t_sport / 
		                                           PF_KEY_V2_CHUNK;
		nat_t_sport.sadb_x_nat_t_port_exttype = SADB_X_EXT_NAT_T_SPORT;
		nat_t_sport.sadb_x_nat_t_port_port = sockaddr_port(src);
		if(pf_key_v2_msg_add(update, (struct sadb_ext *)&nat_t_sport, 0) == -1)
			goto cleanup;

		/* destination port */
		nat_t_dport.sadb_x_nat_t_port_len = sizeof nat_t_dport / 
		                                           PF_KEY_V2_CHUNK;
		nat_t_dport.sadb_x_nat_t_port_exttype = SADB_X_EXT_NAT_T_DPORT;
		nat_t_dport.sadb_x_nat_t_port_port = sockaddr_port(dst);
		if(pf_key_v2_msg_add(update, (struct sadb_ext *)&nat_t_dport, 0) == -1)
			goto cleanup;

		/* original address (transport mode checksum missing info) goes here */
#endif
    }

	if (pf_key_v2_msg_add(update, (struct sadb_ext *)&ssa, 0) == -1)
		goto cleanup;

	if (sa->seconds || sa->kilobytes) {
		/* Setup the hard limits.  */
		life = malloc(sizeof *life);
		if (!life)
			goto cleanup;
		life->sadb_lifetime_len = sizeof *life / PF_KEY_V2_CHUNK;
		life->sadb_lifetime_exttype = SADB_EXT_LIFETIME_HARD;
		life->sadb_lifetime_allocations = 0;
		life->sadb_lifetime_bytes = sa->kilobytes * 1024;
		/*
		 * XXX I am not sure which one is best in security respect.
		 * Maybe the RFCs actually mandate what a lifetime really is.
	         */
#if 0
		life->sadb_lifetime_addtime = 0;
		life->sadb_lifetime_usetime = sa->seconds;
#else
		life->sadb_lifetime_addtime = sa->seconds;
		life->sadb_lifetime_usetime = 0;
#endif
		if (pf_key_v2_msg_add(update, (struct sadb_ext *) life,
				      PF_KEY_V2_NODE_MALLOCED) == -1)
			goto cleanup;
		life = 0;

		/*
		 * Setup the soft limits, we use 90 % of the hard ones.
		 * XXX A configurable ratio would be better.
	         */
		life = malloc(sizeof *life);
		if (!life)
			goto cleanup;
		life->sadb_lifetime_len = sizeof *life / PF_KEY_V2_CHUNK;
		life->sadb_lifetime_exttype = SADB_EXT_LIFETIME_SOFT;
		life->sadb_lifetime_allocations = 0;
		life->sadb_lifetime_bytes = sa->kilobytes * 1024 * 9 / 10;
		/*
		 * XXX I am not sure which one is best in security respect.
		 * Maybe the RFCs actually mandate what a lifetime really is.
	         */
#if 0
		life->sadb_lifetime_addtime = 0;
		life->sadb_lifetime_usetime = sa->seconds * 9 / 10;
#else
		life->sadb_lifetime_addtime = sa->seconds * 9 / 10;
		life->sadb_lifetime_usetime = 0;
#endif
		if (pf_key_v2_msg_add(update, (struct sadb_ext *) life,
				      PF_KEY_V2_NODE_MALLOCED) == -1)
			goto cleanup;
		life = 0;
	}
	/*
	 * Setup the ADDRESS extensions.
         */
	len = sizeof *addr + PF_KEY_V2_ROUND(sysdep_sa_len(src));
	addr = calloc(1, len);
	if (!addr)
		goto cleanup;
	addr->sadb_address_exttype = SADB_EXT_ADDRESS_SRC;
	addr->sadb_address_len = len / PF_KEY_V2_CHUNK;
#ifndef __OpenBSD__
	addr->sadb_address_proto = 0;
	addr->sadb_address_prefixlen = 0;
#endif
	addr->sadb_address_reserved = 0;
	memcpy(addr + 1, src, sysdep_sa_len(src));
	switch (((struct sockaddr *) (addr + 1))->sa_family) {
	case AF_INET:
		((struct sockaddr_in *) (addr + 1))->sin_port = 0;
		break;
	case AF_INET6:
		((struct sockaddr_in6 *) (addr + 1))->sin6_port = 0;
		break;
	}
	if (pf_key_v2_msg_add(update, (struct sadb_ext *) addr,
	    PF_KEY_V2_NODE_MALLOCED) == -1)
		goto cleanup;
	addr = 0;

	len = sizeof *addr + PF_KEY_V2_ROUND(sysdep_sa_len(dst));
	addr = calloc(1, len);
	if (!addr)
		goto cleanup;
	addr->sadb_address_exttype = SADB_EXT_ADDRESS_DST;
	addr->sadb_address_len = len / PF_KEY_V2_CHUNK;
#ifndef __OpenBSD__
	addr->sadb_address_proto = 0;
	addr->sadb_address_prefixlen = 0;
#endif
	addr->sadb_address_reserved = 0;
	memcpy(addr + 1, dst, sysdep_sa_len(dst));
	switch (((struct sockaddr *) (addr + 1))->sa_family) {
	case AF_INET:
		((struct sockaddr_in *) (addr + 1))->sin_port = 0;
		break;
	case AF_INET6:
		((struct sockaddr_in6 *) (addr + 1))->sin6_port = 0;
		break;
	}
	if (pf_key_v2_msg_add(update, (struct sadb_ext *) addr,
	    PF_KEY_V2_NODE_MALLOCED) == -1)
		goto cleanup;
	addr = 0;

#if 0
	/* XXX I am not sure about what to do here just yet.  */
	if (iproto->encap_mode == IPSEC_ENCAP_TUNNEL) {
		len = sizeof *addr + PF_KEY_V2_ROUND(sysdep_sa_len(dst));
		addr = calloc(1, len);
		if (!addr)
			goto cleanup;
		addr->sadb_address_exttype = SADB_EXT_ADDRESS_PROXY;
		addr->sadb_address_len = len / PF_KEY_V2_CHUNK;
#ifndef __OpenBSD__
		addr->sadb_address_proto = 0;
		addr->sadb_address_prefixlen = 0;
#endif
		addr->sadb_address_reserved = 0;
		memcpy(addr + 1, dst, sysdep_sa_len(dst));
		switch (((struct sockaddr *) (addr + 1))->sa_family) {
		case AF_INET:
			((struct sockaddr_in *) (addr + 1))->sin_port = 0;
			break;
		case AF_INET6:
			((struct sockaddr_in6 *) (addr + 1))->sin6_port = 0;
			break;
		}
		if (pf_key_v2_msg_add(update, (struct sadb_ext *) addr,
		    PF_KEY_V2_NODE_MALLOCED) == -1)
			goto cleanup;
		addr = 0;
#if 0
		msg->em_odst = msg->em_dst;
		msg->em_osrc = msg->em_src;
#endif
	}
#endif

	if (proto->proto != IPSEC_PROTO_IPCOMP) {
		/* Setup the KEY extensions.  */
		if (hashlen) {
			len = sizeof *key + PF_KEY_V2_ROUND(hashlen);
			key = malloc(len);
			if (!key)
				goto cleanup;
			key->sadb_key_exttype = SADB_EXT_KEY_AUTH;
			key->sadb_key_len = len / PF_KEY_V2_CHUNK;
			key->sadb_key_bits = hashlen * 8;
			key->sadb_key_reserved = 0;
			memcpy(key + 1,
			    iproto->keymat[incoming] +
			    (proto->proto ==
				IPSEC_PROTO_IPSEC_ESP ? keylen : 0),
			    hashlen);
			if (pf_key_v2_msg_add(update, (struct sadb_ext *) key,
			    PF_KEY_V2_NODE_MALLOCED) == -1)
				goto cleanup;
			key = 0;
		}
		if (keylen) {
			len = sizeof *key + PF_KEY_V2_ROUND(keylen);
			key = malloc(len);
			if (!key)
				goto cleanup;
			key->sadb_key_exttype = SADB_EXT_KEY_ENCRYPT;
			key->sadb_key_len = len / PF_KEY_V2_CHUNK;
			key->sadb_key_bits = keylen * 8;
			key->sadb_key_reserved = 0;
			memcpy(key + 1, iproto->keymat[incoming], keylen);
			if (pf_key_v2_msg_add(update, (struct sadb_ext *) key,
			    PF_KEY_V2_NODE_MALLOCED) == -1)
				goto cleanup;
			key = 0;
		}
	}
#ifndef KAME
	/* Setup identity extensions. */
	if (isakmp_sa->id_i) {
		pp = pf_key_v2_convert_id(isakmp_sa->id_i, isakmp_sa->id_i_len,
		    &len, &idtype);
		if (!pp)
			goto nosid;

		sid = calloc(PF_KEY_V2_ROUND(len + 1) + sizeof *sid,
		    sizeof(u_int8_t));
		if (!sid) {
			free(pp);
			goto cleanup;
		}
		sid->sadb_ident_type = idtype;
		sid->sadb_ident_len = ((sizeof *sid) / PF_KEY_V2_CHUNK) +
		    PF_KEY_V2_ROUND(len + 1) / PF_KEY_V2_CHUNK;
		if ((isakmp_sa->initiator && !incoming) ||
		    (!isakmp_sa->initiator && incoming))
			sid->sadb_ident_exttype = SADB_EXT_IDENTITY_SRC;
		else
			sid->sadb_ident_exttype = SADB_EXT_IDENTITY_DST;

		memcpy(sid + 1, pp, len);
		free(pp);

		if (pf_key_v2_msg_add(update, (struct sadb_ext *) sid,
		    PF_KEY_V2_NODE_MALLOCED) == -1)
			goto cleanup;
		sid = 0;

nosid:
		if (sid)
			free(sid);
		sid = 0;
	}
	if (isakmp_sa->id_r) {
		pp = pf_key_v2_convert_id(isakmp_sa->id_r, isakmp_sa->id_r_len,
		    &len, &idtype);
		if (!pp)
			goto nodid;

		sid = calloc(PF_KEY_V2_ROUND(len + 1) + sizeof *sid,
		    sizeof(u_int8_t));
		if (!sid) {
			free(pp);
			goto cleanup;
		}
		sid->sadb_ident_type = idtype;
		sid->sadb_ident_len = ((sizeof *sid) / PF_KEY_V2_CHUNK) +
		    PF_KEY_V2_ROUND(len + 1) / PF_KEY_V2_CHUNK;
		if ((isakmp_sa->initiator && !incoming) ||
		    (!isakmp_sa->initiator && incoming))
			sid->sadb_ident_exttype = SADB_EXT_IDENTITY_DST;
		else
			sid->sadb_ident_exttype = SADB_EXT_IDENTITY_SRC;

		memcpy(sid + 1, pp, len);
		free(pp);

		if (pf_key_v2_msg_add(update, (struct sadb_ext *) sid,
		    PF_KEY_V2_NODE_MALLOCED) == -1)
			goto cleanup;
		sid = 0;

nodid:
		if (sid)
			free(sid);
		sid = 0;
	}
#endif /* KAME */

#ifdef SADB_X_CREDTYPE_NONE
	/*
	 * Send received credentials to the kernel. We don't bother with
	 * our credentials, since the process either knows them (if it
	 * specified them with setsockopt()), or has no business looking at
	 * them (e.g., system wide certs).
         */
	if (isakmp_sa->recv_cert) {
		switch (isakmp_sa->recv_certtype) {
		case ISAKMP_CERTENC_NONE:
			/* Nothing to be done here. */
			break;

#if defined (USE_KEYNOTE) && defined (SADB_X_EXT_REMOTE_CREDENTIALS)
		case ISAKMP_CERTENC_KEYNOTE:
			len = strlen(isakmp_sa->recv_cert);
			cred = calloc(PF_KEY_V2_ROUND(len) + sizeof *cred,
			    sizeof(u_int8_t));
			if (!cred)
				goto cleanup;

			cred->sadb_x_cred_len =
			    ((sizeof *cred) / PF_KEY_V2_CHUNK) +
			    PF_KEY_V2_ROUND(len) / PF_KEY_V2_CHUNK;
			cred->sadb_x_cred_exttype =
			    SADB_X_EXT_REMOTE_CREDENTIALS;
			cred->sadb_x_cred_type = SADB_X_CREDTYPE_KEYNOTE;
			memcpy(cred + 1, isakmp_sa->recv_cert, len);

			if (pf_key_v2_msg_add(update, (struct sadb_ext *) cred,
			    PF_KEY_V2_NODE_MALLOCED) == -1)
				goto cleanup;
			break;
#endif				/* USE_KEYNOTE */

#if defined (USE_X509) && defined (SADB_X_EXT_REMOTE_CREDENTIALS)
		case ISAKMP_CERTENC_X509_SIG:
			{
				u_int8_t       *data;
				u_int32_t       datalen;
				struct cert_handler *handler;

				/* We do it this way to avoid weird includes.*/
				handler = cert_get(ISAKMP_CERTENC_X509_SIG);
				if (!handler)
					break;
				handler->cert_serialize(isakmp_sa->recv_cert,
				    &data, &datalen);
				if (!data)
					break;

				len = datalen;
				cred =
				    calloc(PF_KEY_V2_ROUND(len) + sizeof *cred,
					sizeof(u_int8_t));
				if (!cred) {
					free(data);
					goto cleanup;
				}
				cred->sadb_x_cred_len =
				    ((sizeof *cred) / PF_KEY_V2_CHUNK) +
				    PF_KEY_V2_ROUND(len) / PF_KEY_V2_CHUNK;
				cred->sadb_x_cred_exttype =
				    SADB_X_EXT_REMOTE_CREDENTIALS;
				cred->sadb_x_cred_type = SADB_X_CREDTYPE_X509;
				memcpy(cred + 1, data, len);
				free(data);

				if (pf_key_v2_msg_add(update,
				    (struct sadb_ext *) cred,
				    PF_KEY_V2_NODE_MALLOCED) == -1)
					goto cleanup;
			}
			break;
#endif /* USE_X509 */
		}
	}
#endif /* SADB_X_CREDTYPE_NONE */

#ifdef SADB_X_AUTHTYPE_NONE
	/*
	 * Tell the kernel what the peer used to authenticate, unless it was a
	 * passphrase.
         */
	if (isakmp_sa->recv_key) {
		u_int8_t       *data;

		/*
		 * If it's a private key, we shouldn't pass it to the kernel
		 * for processes to see; successful authentication of Phase 1
		 * implies that the process already knew the passphrase. On
		 * the other hand, we don't want to reveal to processes any
		 * system-wide passphrases used for authentication with remote
		 * systems. Same reason we don't send up the key (private or
		 * passphrase) we used to authenticate with the peer.
	         */
		if (isakmp_sa->recv_keytype == ISAKMP_KEY_PASSPHRASE)
			goto doneauth;

		key_serialize(isakmp_sa->recv_keytype, ISAKMP_KEYTYPE_PUBLIC,
		    isakmp_sa->recv_key, &data, &len);
		if (!data)
			goto cleanup;

		cred = calloc(PF_KEY_V2_ROUND(len) + sizeof *cred,
		    sizeof(u_int8_t));
		if (!cred) {
			free(data);
			goto cleanup;
		}
		cred->sadb_x_cred_len = ((sizeof *cred) / PF_KEY_V2_CHUNK) +
		    PF_KEY_V2_ROUND(len) / PF_KEY_V2_CHUNK;
		cred->sadb_x_cred_exttype = SADB_X_EXT_REMOTE_AUTH;
		memcpy(cred + 1, data, len);
		free(data);

		switch (isakmp_sa->recv_keytype) {
		case ISAKMP_KEY_RSA:
			cred->sadb_x_cred_type = SADB_X_AUTHTYPE_RSA;
			break;

		default:
			log_print("pf_key_v2_set_spi: "
			    "unknown received key type %d",
			    isakmp_sa->recv_keytype);
			free(cred);
			goto cleanup;
		}

		if (pf_key_v2_msg_add(update, (struct sadb_ext *) cred,
		    PF_KEY_V2_NODE_MALLOCED) == -1)
			goto cleanup;
	}
doneauth:
#endif				/* SADB_X_AUTHTYPE_NONE */

#ifdef SADB_X_EXT_FLOW_TYPE
	/* Setup the flow type extension.  */
	bzero(&flowtype, sizeof flowtype);
	flowtype.sadb_protocol_exttype = SADB_X_EXT_FLOW_TYPE;
	flowtype.sadb_protocol_len = sizeof flowtype / PF_KEY_V2_CHUNK;
	flowtype.sadb_protocol_direction = incoming ?
	    IPSP_DIRECTION_IN : IPSP_DIRECTION_OUT;

	if (pf_key_v2_msg_add(update, (struct sadb_ext *)&flowtype, 0) == -1)
		goto cleanup;

	bzero(&tprotocol, sizeof tprotocol);
	tprotocol.sadb_protocol_exttype = SADB_X_EXT_PROTOCOL;
	tprotocol.sadb_protocol_len = sizeof tprotocol / PF_KEY_V2_CHUNK;
	tprotocol.sadb_protocol_proto = isa->tproto;

	if (pf_key_v2_msg_add(update, (struct sadb_ext *)&tprotocol,
	    0) == -1)
		goto cleanup;

	len = sizeof *addr + PF_KEY_V2_ROUND(sysdep_sa_len(isa->src_net));
	addr = calloc(1, len);
	if (!addr)
		goto cleanup;
	addr->sadb_address_exttype = incoming ?
	    SADB_X_EXT_DST_FLOW : SADB_X_EXT_SRC_FLOW;
	addr->sadb_address_len = len / PF_KEY_V2_CHUNK;
	addr->sadb_address_reserved = 0;
	pf_key_v2_setup_sockaddr(addr + 1, isa->src_net, 0, isa->sport, 0);
	if (pf_key_v2_msg_add(update, (struct sadb_ext *) addr,
	    PF_KEY_V2_NODE_MALLOCED) == -1)
		goto cleanup;
	addr = 0;

	addr = calloc(1, len);
	if (!addr)
		goto cleanup;
	addr->sadb_address_exttype =
		incoming ? SADB_X_EXT_DST_MASK : SADB_X_EXT_SRC_MASK;
	addr->sadb_address_len = len / PF_KEY_V2_CHUNK;
	addr->sadb_address_reserved = 0;
	pf_key_v2_setup_sockaddr(addr + 1, isa->src_mask, 0,
	    isa->sport ? 0xffff : 0, 0);
	if (pf_key_v2_msg_add(update, (struct sadb_ext *) addr,
	    PF_KEY_V2_NODE_MALLOCED) == -1)
		goto cleanup;
	addr = 0;

	addr = calloc(1, len);
	if (!addr)
		goto cleanup;
	addr->sadb_address_exttype = incoming ?
	    SADB_X_EXT_SRC_FLOW : SADB_X_EXT_DST_FLOW;
	addr->sadb_address_len = len / PF_KEY_V2_CHUNK;
	addr->sadb_address_reserved = 0;
	pf_key_v2_setup_sockaddr(addr + 1, isa->dst_net, 0, isa->dport, 0);
	if (pf_key_v2_msg_add(update, (struct sadb_ext *) addr,
	    PF_KEY_V2_NODE_MALLOCED) == -1)
		goto cleanup;
	addr = 0;

	addr = calloc(1, len);
	if (!addr)
		goto cleanup;
	addr->sadb_address_exttype =
		incoming ? SADB_X_EXT_SRC_MASK : SADB_X_EXT_DST_MASK;
	addr->sadb_address_len = len / PF_KEY_V2_CHUNK;
	addr->sadb_address_reserved = 0;
	pf_key_v2_setup_sockaddr(addr + 1, isa->dst_mask, 0,
	    isa->dport ? 0xffff : 0, 0);
	if (pf_key_v2_msg_add(update, (struct sadb_ext *) addr,
	    PF_KEY_V2_NODE_MALLOCED) == -1)
		goto cleanup;
	addr = 0;
#endif /* SADB_X_EXT_FLOW_TYPE */

	/* XXX Here can sensitivity extensions be setup.  */

#ifdef USE_DEBUG
	if (sockaddr2text(dst, &addr_str, 0))
		addr_str = 0;

	LOG_DBG((LOG_SYSDEP, 10, "pf_key_v2_set_spi: "
	    "satype %d dst %s SPI 0x%x", msg.sadb_msg_satype,
	    addr_str ? addr_str : "unknown", ntohl(ssa.sadb_sa_spi)));

	if (addr_str)
		free(addr_str);
#endif				/* USE_DEBUG */

	/*
	 * Although PF_KEY knows about expirations, it is unreliable per the
	 * specs thus we need to do them inside isakmpd as well.
         */
	if (sa->seconds)
		if (sa_setup_expirations(sa))
			goto cleanup;

	ret = pf_key_v2_call(update);
	pf_key_v2_msg_free(update);
	update = 0;
	if (!ret)
		goto cleanup;
	err = ((struct sadb_msg *)TAILQ_FIRST(ret)->seg)->sadb_msg_errno;
	pf_key_v2_msg_free(ret);
	ret = 0;

	/*
	 * If we are doing an addition into an SADB shared with our peer,
	 * errors here are to be expected as the peer will already have
	 * created the SA, and can thus be ignored.
         */
	if (err && !(msg.sadb_msg_type == SADB_ADD &&
	    conf_get_str("General", "Shared-SADB"))) {
		log_print("pf_key_v2_set_spi: %s: %s",
		    msg.sadb_msg_type == SADB_ADD ? "ADD" : "UPDATE",
		    strerror(err));
		goto cleanup;
	}
	LOG_DBG((LOG_SYSDEP, 50, "pf_key_v2_set_spi: done"));

	return 0;

cleanup:
	if (sid)
		free(sid);
	if (addr)
		free(addr);
	if (life)
		free(life);
	if (key)
		free(key);
	if (update)
		pf_key_v2_msg_free(update);
	if (ret)
		pf_key_v2_msg_free(ret);
	return -1;
}

static __inline__ int
pf_key_v2_mask_to_bits(u_int32_t mask)
{
	u_int32_t       hmask = ntohl(mask);

	return (33 - ffs(~hmask + 1)) % 33;
}

static int
pf_key_v2_mask6_to_bits(u_int8_t * mask)
{
	int             n;

	bit_ffc(mask, 128, &n);
	return n == -1 ? 128 : n;
}

/*
 * Enable/disable a flow.
 * XXX Assumes OpenBSD {ADD,DEL}FLOW extensions.
 * Should probably be moved to sysdep.c
 */
static int
pf_key_v2_flow(struct sockaddr *laddr, struct sockaddr *lmask,
    struct sockaddr *raddr, struct sockaddr *rmask,
    u_int8_t tproto, u_int16_t sport, u_int16_t dport,
    u_int8_t *spi, u_int8_t proto, struct sockaddr *dst,
    struct sockaddr *src, int delete, int ingress,
    u_int8_t srcid_type, u_int8_t *srcid, int srcid_len,
    u_int8_t dstid_type, u_int8_t *dstid, int dstid_len,
    struct ipsec_proto *iproto)
{
#ifdef USE_DEBUG
	char           *laddr_str, *lmask_str, *raddr_str, *rmask_str;
#endif

#if defined (SADB_X_ADDFLOW) && defined (SADB_X_DELFLOW)
	struct sadb_msg msg;
#if defined (SADB_X_EXT_FLOW_TYPE)
	struct sadb_protocol flowtype;
	struct sadb_ident *sid = 0;
#else
	struct sadb_sa  ssa;
#endif
	struct sadb_address *addr = 0;
	struct sadb_protocol tprotocol;
	struct pf_key_v2_msg *flow = 0, *ret = 0;
	size_t          len;
	int             err;

#if !defined (SADB_X_SAFLAGS_INGRESS_FLOW) && !defined (SADB_X_EXT_FLOW_TYPE)
	if (ingress)
		return 0;
#endif

	msg.sadb_msg_type = delete ? SADB_X_DELFLOW : SADB_X_ADDFLOW;
	switch (proto) {
	case IPSEC_PROTO_IPSEC_ESP:
		msg.sadb_msg_satype = SADB_SATYPE_ESP;
		break;
	case IPSEC_PROTO_IPSEC_AH:
		msg.sadb_msg_satype = SADB_SATYPE_AH;
		break;
	case IPSEC_PROTO_IPCOMP:
		msg.sadb_msg_satype = SADB_X_SATYPE_IPCOMP;
		break;
	default:
		log_print("pf_key_v2_flow: invalid proto %d", proto);
		goto cleanup;
	}
	msg.sadb_msg_seq = 0;
	flow = pf_key_v2_msg_new(&msg, 0);
	if (!flow)
		goto cleanup;

#if defined (SADB_X_EXT_FLOW_TYPE)
	if (!delete) {
		/* Setup the source ID, if provided. */
		if (srcid) {
			sid = calloc(
			    PF_KEY_V2_ROUND(srcid_len + 1) + sizeof *sid,
			    sizeof(u_int8_t));
			if (!sid)
				goto cleanup;

			sid->sadb_ident_len = ((sizeof *sid) / PF_KEY_V2_CHUNK)
			    + PF_KEY_V2_ROUND(srcid_len + 1) / PF_KEY_V2_CHUNK;
			sid->sadb_ident_exttype = SADB_EXT_IDENTITY_SRC;
			sid->sadb_ident_type = srcid_type;

			memcpy(sid + 1, srcid, srcid_len);

			if (pf_key_v2_msg_add(flow, (struct sadb_ext *) sid,
			    PF_KEY_V2_NODE_MALLOCED) == -1)
				goto cleanup;

			sid = 0;
		}
		/* Setup the destination ID, if provided. */
		if (dstid) {
			sid = calloc(
			    PF_KEY_V2_ROUND(dstid_len + 1) + sizeof *sid,
			    sizeof(u_int8_t));
			if (!sid)
				goto cleanup;

			sid->sadb_ident_len = ((sizeof *sid) / PF_KEY_V2_CHUNK)
			    + PF_KEY_V2_ROUND(dstid_len + 1) / PF_KEY_V2_CHUNK;
			sid->sadb_ident_exttype = SADB_EXT_IDENTITY_DST;
			sid->sadb_ident_type = dstid_type;

			memcpy(sid + 1, dstid, dstid_len);

			if (pf_key_v2_msg_add(flow, (struct sadb_ext *) sid,
			    PF_KEY_V2_NODE_MALLOCED) == -1)
				goto cleanup;

			sid = 0;
		}
	}
	/* Setup the flow type extension.  */
	bzero(&flowtype, sizeof flowtype);
	flowtype.sadb_protocol_exttype = SADB_X_EXT_FLOW_TYPE;
	flowtype.sadb_protocol_len = sizeof flowtype / PF_KEY_V2_CHUNK;
	flowtype.sadb_protocol_direction =
	    ingress ? IPSP_DIRECTION_IN : IPSP_DIRECTION_OUT;
	flowtype.sadb_protocol_proto =
	    ingress ? SADB_X_FLOW_TYPE_USE : SADB_X_FLOW_TYPE_REQUIRE;

	if (pf_key_v2_msg_add(flow, (struct sadb_ext *)&flowtype, 0) == -1)
		goto cleanup;
#else				/* SADB_X_EXT_FLOW_TYPE */
	/* Setup the SA extension.  */
	ssa.sadb_sa_exttype = SADB_EXT_SA;
	ssa.sadb_sa_len = sizeof ssa / PF_KEY_V2_CHUNK;
	memcpy(&ssa.sadb_sa_spi, spi, sizeof ssa.sadb_sa_spi);
	ssa.sadb_sa_replay = 0;
	ssa.sadb_sa_state = 0;
	ssa.sadb_sa_auth = 0;
	ssa.sadb_sa_encrypt = 0;
	ssa.sadb_sa_flags = 0;
#if defined (SADB_X_SAFLAGS_INGRESS_FLOW)
	if (ingress)
		ssa.sadb_sa_flags |= SADB_X_SAFLAGS_INGRESS_FLOW;
#endif
#if defined (SADB_X_SAFLAGS_REPLACEFLOW)
	if (!delete && !ingress)
		ssa.sadb_sa_flags |= SADB_X_SAFLAGS_REPLACEFLOW;
#endif

	if (pf_key_v2_msg_add(flow, (struct sadb_ext *)&ssa, 0) == -1)
		goto cleanup;
#endif				/* SADB_X_EXT_FLOW_TYPE */

	/*
	 * Setup the ADDRESS extensions.
         */
	len = sizeof *addr + PF_KEY_V2_ROUND(sysdep_sa_len(src));
#if !defined (SADB_X_EXT_FLOW_TYPE)
	if (!delete || ingress)
#else
	if (!delete)
#endif				/* SADB_X_EXT_FLOW_TYPE */
	{
		addr = calloc(1, len);
		if (!addr)
			goto cleanup;
		addr->sadb_address_exttype = SADB_EXT_ADDRESS_DST;
		addr->sadb_address_len = len / PF_KEY_V2_CHUNK;
		addr->sadb_address_reserved = 0;
#if defined (SADB_X_EXT_FLOW_TYPE)
		pf_key_v2_setup_sockaddr(addr + 1, src, dst, 0, ingress);
#else
		pf_key_v2_setup_sockaddr(addr + 1, dst, 0, 0, 0);
#endif
		if (pf_key_v2_msg_add(flow, (struct sadb_ext *) addr,
				      PF_KEY_V2_NODE_MALLOCED) == -1)
			goto cleanup;
		addr = 0;
	}
	len = sizeof *addr + PF_KEY_V2_ROUND(sysdep_sa_len(laddr));
	addr = calloc(1, len);
	if (!addr)
		goto cleanup;
	addr->sadb_address_exttype = SADB_X_EXT_SRC_FLOW;
	addr->sadb_address_len = len / PF_KEY_V2_CHUNK;
	addr->sadb_address_reserved = 0;
	pf_key_v2_setup_sockaddr(addr + 1, laddr, 0, sport, 0);
	if (pf_key_v2_msg_add(flow, (struct sadb_ext *) addr,
			      PF_KEY_V2_NODE_MALLOCED) == -1)
		goto cleanup;
	addr = 0;

	addr = calloc(1, len);
	if (!addr)
		goto cleanup;
	addr->sadb_address_exttype = SADB_X_EXT_SRC_MASK;
	addr->sadb_address_len = len / PF_KEY_V2_CHUNK;
	addr->sadb_address_reserved = 0;
	pf_key_v2_setup_sockaddr(addr + 1, lmask, 0, sport ? 0xffff : 0, 0);
	if (pf_key_v2_msg_add(flow, (struct sadb_ext *) addr,
			      PF_KEY_V2_NODE_MALLOCED) == -1)
		goto cleanup;
	addr = 0;

	addr = calloc(1, len);
	if (!addr)
		goto cleanup;
	addr->sadb_address_exttype = SADB_X_EXT_DST_FLOW;
	addr->sadb_address_len = len / PF_KEY_V2_CHUNK;
	addr->sadb_address_reserved = 0;
	pf_key_v2_setup_sockaddr(addr + 1, raddr, 0, dport, 0);
	if (pf_key_v2_msg_add(flow, (struct sadb_ext *) addr,
			      PF_KEY_V2_NODE_MALLOCED) == -1)
		goto cleanup;
	addr = 0;

	addr = calloc(1, len);
	if (!addr)
		goto cleanup;
	addr->sadb_address_exttype = SADB_X_EXT_DST_MASK;
	addr->sadb_address_len = len / PF_KEY_V2_CHUNK;
	addr->sadb_address_reserved = 0;
	pf_key_v2_setup_sockaddr(addr + 1, rmask, 0, dport ? 0xffff : 0, 0);
	if (pf_key_v2_msg_add(flow, (struct sadb_ext *) addr,
			      PF_KEY_V2_NODE_MALLOCED) == -1)
		goto cleanup;
	addr = 0;

	/* Setup the protocol extension.  */
	bzero(&tprotocol, sizeof tprotocol);
	tprotocol.sadb_protocol_exttype = SADB_X_EXT_PROTOCOL;
	tprotocol.sadb_protocol_len = sizeof tprotocol / PF_KEY_V2_CHUNK;
	tprotocol.sadb_protocol_proto = tproto;

	if (pf_key_v2_msg_add(flow, (struct sadb_ext *)&tprotocol, 0) == -1)
		goto cleanup;

#ifdef USE_DEBUG
	if (sockaddr2text(laddr, &laddr_str, 0))
		laddr_str = 0;
	if (sockaddr2text(lmask, &lmask_str, 0))
		lmask_str = 0;
	if (sockaddr2text(raddr, &raddr_str, 0))
		raddr_str = 0;
	if (sockaddr2text(rmask, &rmask_str, 0))
		rmask_str = 0;

	LOG_DBG((LOG_SYSDEP, 50,
	   "pf_key_v2_flow: src %s %s dst %s %s proto %u sport %u dport %u",
	 laddr_str ? laddr_str : "<??\?>", lmask_str ? lmask_str : "<??\?>",
	 raddr_str ? raddr_str : "<??\?>", rmask_str ? rmask_str : "<??\?>",
		 tproto, ntohs(sport), ntohs(dport)));

	if (laddr_str)
		free(laddr_str);
	if (lmask_str)
		free(lmask_str);
	if (raddr_str)
		free(raddr_str);
	if (rmask_str)
		free(rmask_str);
#endif				/* USE_DEBUG */

	ret = pf_key_v2_call(flow);
	pf_key_v2_msg_free(flow);
	flow = 0;
	if (!ret)
		goto cleanup;
	err = ((struct sadb_msg *)TAILQ_FIRST(ret)->seg)->sadb_msg_errno;
	if (err) {
		if (err == ESRCH)	/* These are common and usually
					 * harmless.  */
			LOG_DBG((LOG_SYSDEP, 10, "pf_key_v2_flow: %sFLOW: %s",
				 delete ? "DEL" : "ADD", strerror(err)));
		else
			log_print("pf_key_v2_flow: %sFLOW: %s",
			    delete ? "DEL" : "ADD", strerror(err));
		goto cleanup;
	}
	pf_key_v2_msg_free(ret);

	LOG_DBG((LOG_MISC, 50, "pf_key_v2_flow: %sFLOW: done",
		 delete ? "DEL" : "ADD"));

	return 0;

cleanup:
#if defined (SADB_X_EXT_FLOW_TYPE)
	if (sid)
		free(sid);
#endif				/* SADB_X_EXT_FLOW_TYPE */
	if (addr)
		free(addr);
	if (flow)
		pf_key_v2_msg_free(flow);
	if (ret)
		pf_key_v2_msg_free(ret);
	return -1;

#elif defined (SADB_X_SPDUPDATE) && defined (SADB_X_SPDDELETE)
	struct sadb_msg msg;
	struct sadb_x_policy *policy = 0;
	struct sadb_x_ipsecrequest *ipsecrequest;
	struct sadb_x_sa2 ssa2;
	struct sadb_address *addr = 0;
	struct sockaddr *saddr;
	struct pf_key_v2_msg *flow = 0, *ret = 0;
	u_int8_t       *policy_buf;
	size_t          len;
	int             err;
	struct sockaddr_in *ip4_sa;
	struct sockaddr_in6 *ip6_sa;

	msg.sadb_msg_type = delete ? SADB_X_SPDDELETE : SADB_X_SPDUPDATE;
	msg.sadb_msg_satype = SADB_SATYPE_UNSPEC;
	msg.sadb_msg_seq = 0;
	flow = pf_key_v2_msg_new(&msg, 0);
	if (!flow)
		goto cleanup;

	memset(&ssa2, 0, sizeof ssa2);
	ssa2.sadb_x_sa2_exttype = SADB_X_EXT_SA2;
	ssa2.sadb_x_sa2_len = sizeof ssa2 / PF_KEY_V2_CHUNK;
	ssa2.sadb_x_sa2_mode = 0;
	if (pf_key_v2_msg_add(flow, (struct sadb_ext *)&ssa2, 0) == -1)
		goto cleanup;

	/*
	 * Setup the ADDRESS extensions.
         */
	len = sizeof *addr + PF_KEY_V2_ROUND(sysdep_sa_len(src));
	addr = calloc(1, len);
	if (!addr)
		goto cleanup;
	addr->sadb_address_exttype = SADB_EXT_ADDRESS_SRC;
	addr->sadb_address_len = len / PF_KEY_V2_CHUNK;
#ifdef LINUX_IPSEC
	addr->sadb_address_proto = tproto;
#else
	addr->sadb_address_proto = IPSEC_ULPROTO_ANY;
#endif
	addr->sadb_address_reserved = 0;
#ifdef LINUX_IPSEC
	pf_key_v2_setup_sockaddr(addr + 1, laddr, 0, sport, 0);
#else
	pf_key_v2_setup_sockaddr(addr + 1, laddr, 0, IPSEC_PORT_ANY, 0);
#endif
	switch (laddr->sa_family) {
	case AF_INET:
		ip4_sa = (struct sockaddr_in *) lmask;
		addr->sadb_address_prefixlen
			= pf_key_v2_mask_to_bits(ip4_sa->sin_addr.s_addr);
		break;
	case AF_INET6:
		ip6_sa = (struct sockaddr_in6 *) lmask;
		addr->sadb_address_prefixlen =
			pf_key_v2_mask6_to_bits(&ip6_sa->sin6_addr.s6_addr[0]);
		break;
	}
	if (pf_key_v2_msg_add(flow, (struct sadb_ext *) addr,
			      PF_KEY_V2_NODE_MALLOCED) == -1)
		goto cleanup;
	addr = 0;

	len = sizeof *addr + PF_KEY_V2_ROUND(sysdep_sa_len(raddr));
	addr = calloc(1, len);
	if (!addr)
		goto cleanup;
	addr->sadb_address_exttype = SADB_EXT_ADDRESS_DST;
	addr->sadb_address_len = len / PF_KEY_V2_CHUNK;
#ifdef LINUX_IPSEC
	addr->sadb_address_proto = tproto;
#else
	addr->sadb_address_proto = IPSEC_ULPROTO_ANY;
#endif
	addr->sadb_address_reserved = 0;
#ifdef LINUX_IPSEC
	pf_key_v2_setup_sockaddr(addr + 1, raddr, 0, dport, 0);
#else
	pf_key_v2_setup_sockaddr(addr + 1, raddr, 0, IPSEC_PORT_ANY, 0);
#endif
	switch (raddr->sa_family) {
	case AF_INET:
		ip4_sa = (struct sockaddr_in *) rmask;
		addr->sadb_address_prefixlen
			= pf_key_v2_mask_to_bits(ip4_sa->sin_addr.s_addr);
		break;
	case AF_INET6:
		ip6_sa = (struct sockaddr_in6 *) rmask;
		addr->sadb_address_prefixlen =
			pf_key_v2_mask6_to_bits(&ip6_sa->sin6_addr.s6_addr[0]);
		break;
	}
	if (pf_key_v2_msg_add(flow, (struct sadb_ext *) addr,
			      PF_KEY_V2_NODE_MALLOCED) == -1)
		goto cleanup;
	addr = 0;

	/* Setup the POLICY extension.  */
	len = sizeof *policy + sizeof *ipsecrequest +
		2 * PF_KEY_V2_ROUND(sysdep_sa_len(src));
	policy_buf = (u_int8_t *) calloc(1, len);
	if (!policy_buf) {
		log_error("pf_key_v2_flow: calloc %lu failed",
		    (unsigned long) len);
		goto cleanup;
	}
	policy = (struct sadb_x_policy *) policy_buf;
	policy->sadb_x_policy_exttype = SADB_X_EXT_POLICY;
	policy->sadb_x_policy_len = len / PF_KEY_V2_CHUNK;
	policy->sadb_x_policy_type = IPSEC_POLICY_IPSEC;
	if (ingress)
		policy->sadb_x_policy_dir = IPSEC_DIR_INBOUND;
	else
		policy->sadb_x_policy_dir = IPSEC_DIR_OUTBOUND;
	policy->sadb_x_policy_reserved = 0;

	/* Setup the IPSECREQUEST extension part.  */
	ipsecrequest = (struct sadb_x_ipsecrequest *) (policy + 1);
	ipsecrequest->sadb_x_ipsecrequest_len = len - sizeof *policy;
	switch (proto) {
	case IPSEC_PROTO_IPSEC_ESP:
		ipsecrequest->sadb_x_ipsecrequest_proto = IPPROTO_ESP;
		break;
	case IPSEC_PROTO_IPSEC_AH:
		ipsecrequest->sadb_x_ipsecrequest_proto = IPPROTO_AH;
		break;
	default:
		log_print("pf_key_v2_flow: invalid proto %d", proto);
		goto cleanup;
	}
#if defined (LINUX_IPSEC)
	if (iproto->encap_mode == IPSEC_ENCAP_TUNNEL)
		ipsecrequest->sadb_x_ipsecrequest_mode = IPSEC_MODE_TUNNEL;
	else
		ipsecrequest->sadb_x_ipsecrequest_mode = IPSEC_MODE_TRANSPORT;
#else
	ipsecrequest->sadb_x_ipsecrequest_mode = IPSEC_MODE_TUNNEL; /* XXX */
#endif
	ipsecrequest->sadb_x_ipsecrequest_level
		= ingress ? IPSEC_LEVEL_USE : IPSEC_LEVEL_REQUIRE;
	ipsecrequest->sadb_x_ipsecrequest_reqid = 0;	/* XXX */

	/* Add source and destination addresses. */
	saddr = (struct sockaddr *)(ipsecrequest + 1);
	pf_key_v2_setup_sockaddr(saddr, src, 0, 0, 0);
	switch (src->sa_family) {
	case AF_INET:
		saddr = (struct sockaddr *)((struct sockaddr_in *)saddr + 1);
		break;
	case AF_INET6:
		saddr = (struct sockaddr *)((struct sockaddr_in6 *)saddr + 1);
		break;
	}
	pf_key_v2_setup_sockaddr(saddr, dst, 0, 0, 0);
	if (pf_key_v2_msg_add(flow, (struct sadb_ext *)policy,
	    PF_KEY_V2_NODE_MALLOCED) == -1)
		goto cleanup;
	policy = 0;

#ifdef USE_DEBUG
	if (sockaddr2text(laddr, &laddr_str, 0))
		laddr_str = 0;
	if (sockaddr2text(lmask, &lmask_str, 0))
		lmask_str = 0;
	if (sockaddr2text(raddr, &raddr_str, 0))
		raddr_str = 0;
	if (sockaddr2text(rmask, &rmask_str, 0))
		rmask_str = 0;

	LOG_DBG((LOG_SYSDEP, 50, "pf_key_v2_flow: src %s %s dst %s %s",
	 laddr_str ? laddr_str : "<??\?>", lmask_str ? lmask_str : "<??\?>",
		 raddr_str ? raddr_str : "<??\?>",
		 rmask_str ? rmask_str : "<??\?>"));

	if (laddr_str)
		free(laddr_str);
	if (lmask_str)
		free(lmask_str);
	if (raddr_str)
		free(raddr_str);
	if (rmask_str)
		free(rmask_str);
#endif

	ret = pf_key_v2_call(flow);
	pf_key_v2_msg_free(flow);
	flow = 0;
	if (!ret)
		goto cleanup;
	err = ((struct sadb_msg *)TAILQ_FIRST(ret)->seg)->sadb_msg_errno;
	if (!delete && err == EEXIST) {
		LOG_DBG((LOG_SYSDEP, 50, "pf_key_v2_flow: "
		    "SPDADD returns EEXIST"));
	} else if (err) {
		log_print("pf_key_v2_flow: SPD%s: %s",
		    delete ? "DELETE" : "ADD", strerror(err));
		goto cleanup;
	}
	pf_key_v2_msg_free(ret);

	LOG_DBG((LOG_SYSDEP, 50, "pf_key_v2_flow: SPD%s: done",
		 delete ? "DELETE" : "ADD"));

	return 0;

cleanup:
	if (addr)
		free(addr);
	if (policy)
		free(policy);
	if (flow)
		pf_key_v2_msg_free(flow);
	if (ret)
		pf_key_v2_msg_free(ret);
	return -1;

#else
	log_print("pf_key_v2_flow: not supported in pure PF_KEYv2");
	return -1;
#endif
}

#ifndef KAME
static u_int8_t *
pf_key_v2_convert_id(u_int8_t * id, int idlen, size_t * reslen, int *idtype)
{
	u_int8_t       *addr, *res = 0;
	char            addrbuf[ADDRESS_MAX + 5];

	switch (id[0]) {
	case IPSEC_ID_FQDN:
		res = calloc(idlen - ISAKMP_ID_DATA_OFF + ISAKMP_GEN_SZ,
			     sizeof(u_int8_t));
		if (!res)
			return 0;

		*reslen = idlen - ISAKMP_ID_DATA_OFF + ISAKMP_GEN_SZ;
		memcpy(res, id + ISAKMP_ID_DATA_OFF - ISAKMP_GEN_SZ, *reslen);
		*idtype = SADB_IDENTTYPE_FQDN;
		LOG_DBG((LOG_SYSDEP, 40, "pf_key_v2_convert_id: FQDN %.*s",
			 (int) *reslen, res));
		return res;

	case IPSEC_ID_USER_FQDN:
		res = calloc(idlen - ISAKMP_ID_DATA_OFF + ISAKMP_GEN_SZ,
			     sizeof(u_int8_t));
		if (!res)
			return 0;

		*reslen = idlen - ISAKMP_ID_DATA_OFF + ISAKMP_GEN_SZ;
		memcpy(res, id + ISAKMP_ID_DATA_OFF - ISAKMP_GEN_SZ, *reslen);
		*idtype = SADB_IDENTTYPE_USERFQDN;
		LOG_DBG((LOG_SYSDEP, 40, "pf_key_v2_convert_id: UFQDN %.*s",
			 (int) *reslen, res));
		return res;

	case IPSEC_ID_IPV4_ADDR:	/* XXX CONNECTION ? */
		if (inet_ntop(AF_INET, id + ISAKMP_ID_DATA_OFF - ISAKMP_GEN_SZ,
			      addrbuf, ADDRESS_MAX) == NULL)
			return 0;
		*reslen = strlen(addrbuf) + 3;
		strlcat(addrbuf, "/32", ADDRESS_MAX + 5);
		res = (u_int8_t *) strdup(addrbuf);
		if (!res)
			return 0;
		*idtype = SADB_IDENTTYPE_PREFIX;
		LOG_DBG((LOG_SYSDEP, 40, "pf_key_v2_convert_id: "
		    "IPv4 address %s", res));
		return res;

	case IPSEC_ID_IPV6_ADDR:	/* XXX CONNECTION ? */
		if (inet_ntop(AF_INET6,
		    id + ISAKMP_ID_DATA_OFF - ISAKMP_GEN_SZ,
		    addrbuf, ADDRESS_MAX) == NULL)
			return 0;
		*reslen = strlen(addrbuf) + 4;
		strlcat(addrbuf, "/128", ADDRESS_MAX + 5);
		res = (u_int8_t *) strdup(addrbuf);
		if (!res)
			return 0;
		LOG_DBG((LOG_SYSDEP, 40, "pf_key_v2_convert_id: "
		    "IPv6 address %s", res));
		*idtype = SADB_IDENTTYPE_PREFIX;
		return res;

	case IPSEC_ID_IPV4_ADDR_SUBNET:	/* XXX PREFIX */
		addr = id + ISAKMP_ID_DATA_OFF - ISAKMP_GEN_SZ;
		if (inet_ntop(AF_INET, addr, addrbuf, ADDRESS_MAX) == NULL)
			return 0;
		snprintf(addrbuf + strlen(addrbuf),
		    ADDRESS_MAX - strlen(addrbuf), "/%d",
		    pf_key_v2_mask_to_bits(*(u_int32_t *)(addr +
			sizeof(struct in_addr))));
		*reslen = strlen(addrbuf);
		res = (u_int8_t *) strdup(addrbuf);
		if (!res)
			return 0;
		*idtype = SADB_IDENTTYPE_PREFIX;
		LOG_DBG((LOG_SYSDEP, 40, "pf_key_v2_convert_id: "
		    "IPv4 subnet %s", res));
		return res;

	case IPSEC_ID_IPV6_ADDR_SUBNET:	/* XXX PREFIX */
		addr = id + ISAKMP_ID_DATA_OFF - ISAKMP_GEN_SZ;
		if (inet_ntop(AF_INET6, addr, addrbuf, ADDRESS_MAX) == NULL)
			return 0;
		snprintf(addrbuf + strlen(addrbuf),
		    ADDRESS_MAX - strlen(addrbuf), "/%d",
		    pf_key_v2_mask6_to_bits(addr +
			sizeof(struct in6_addr)));
		*reslen = strlen(addrbuf);
		res = (u_int8_t *) strdup(addrbuf);
		if (!res)
			return 0;
		LOG_DBG((LOG_SYSDEP, 40, "pf_key_v2_convert_id: "
		    "IPv6 subnet %s", res));
		*idtype = SADB_IDENTTYPE_PREFIX;
		return res;

	case IPSEC_ID_IPV4_RANGE:
	case IPSEC_ID_IPV6_RANGE:
	case IPSEC_ID_DER_ASN1_DN:
	case IPSEC_ID_DER_ASN1_GN:
	case IPSEC_ID_KEY_ID:
		/* XXX Not implemented yet.  */
		return 0;
	}

	return 0;
}
#endif

/* Enable a flow given an SA.  */
int
pf_key_v2_enable_sa(struct sa *sa, struct sa *isakmp_sa)
{
	struct ipsec_sa *isa = sa->data;
	struct sockaddr *dst, *src;
	int             error;
	struct proto   *proto = TAILQ_FIRST(&sa->protos);
	int             sidtype = 0, didtype = 0;
	size_t          sidlen = 0, didlen = 0;
	u_int8_t       *sid = 0, *did = 0;
#if !defined (SADB_X_EXT_FLOW_TYPE)
	struct sockaddr_storage hostmask_storage;
	struct sockaddr *hostmask = (struct sockaddr *)&hostmask_storage;
#endif				/* SADB_X_EXT_FLOW_TYPE */

	sa->transport->vtbl->get_dst(sa->transport, &dst);
	sa->transport->vtbl->get_src(sa->transport, &src);

#if defined (SADB_X_EXT_FLOW_TYPE)
	if (isakmp_sa->id_i) {
		if (isakmp_sa->initiator)
			sid = pf_key_v2_convert_id(isakmp_sa->id_i,
			    isakmp_sa->id_i_len, &sidlen, &sidtype);
		else
			did = pf_key_v2_convert_id(isakmp_sa->id_i,
			    isakmp_sa->id_i_len, &didlen, &didtype);
	}
	if (isakmp_sa->id_r) {
		if (isakmp_sa->initiator)
			did = pf_key_v2_convert_id(isakmp_sa->id_r,
			    isakmp_sa->id_r_len, &didlen, &didtype);
		else
			sid = pf_key_v2_convert_id(isakmp_sa->id_r,
			    isakmp_sa->id_r_len, &sidlen, &sidtype);
	}
#endif				/* SADB_X_EXT_FLOW_TYPE */

	error = pf_key_v2_flow(isa->src_net, isa->src_mask, isa->dst_net,
			 isa->dst_mask, isa->tproto, isa->sport, isa->dport,
			       proto->spi[0], proto->proto, dst, src, 0, 0,
			       sidtype, sid, sidlen, didtype, did, didlen,
			       proto->data);
	if (error)
		goto cleanup;

#if !defined (SADB_X_EXT_FLOW_TYPE)
	/* Set hostmask to '-1'. */
	switch (dst->sa_family) {
	case AF_INET:
		((struct sockaddr_in *) hostmask)->sin_family = AF_INET;
#ifndef USE_OLD_SOCKADDR
		((struct sockaddr_in *) hostmask)->sin_len =
		    sizeof(struct in_addr);
#endif
		memset(&((struct sockaddr_in *) hostmask)->sin_addr.s_addr,
		    0xff, sizeof(struct in_addr));
		break;
	case AF_INET6:
		((struct sockaddr_in6 *) hostmask)->sin6_family = AF_INET6;
#ifndef USE_OLD_SOCKADDR
		((struct sockaddr_in6 *) hostmask)->sin6_len =
		    sizeof(struct in6_addr);
#endif
		memset(&((struct sockaddr_in6 *) hostmask)->sin6_addr.s6_addr,
		    0xff, sizeof(struct in6_addr));
		break;
	}

	/* Ingress flows, handling SA bundles. */
	while (TAILQ_NEXT(proto, link)) {
		error = pf_key_v2_flow(dst, hostmask, src, hostmask, 0, 0, 0,
				       proto->spi[1], proto->proto, src, dst,
				       0, 1, 0, 0, 0, 0, 0, 0, proto->data);
		if (error)
			goto cleanup;
		proto = TAILQ_NEXT(proto, link);
	}
#endif				/* SADB_X_EXT_FLOW_TYPE */

	error = pf_key_v2_flow(isa->dst_net, isa->dst_mask, isa->src_net,
			 isa->src_mask, isa->tproto, isa->dport, isa->sport,
			       proto->spi[1], proto->proto, src, dst, 0, 1,
			       sidtype, sid, sidlen, didtype, did, didlen,
			       proto->data);

cleanup:
#if defined (SADB_X_EXT_FLOW_TYPE)
	if (sid)
		free(sid);
	if (did)
		free(did);
#endif				/* SADB_X_EXT_FLOW_TYPE */

	return error;
}

#if defined (SADB_X_ASKPOLICY)
/* Increase reference count of refcounted sections. */
static int
pf_key_v2_conf_refinc(int af, char *section)
{
	char            conn[22];
	int             num;

	if (!section)
		return 0;

	num = conf_get_num(section, "Refcount", 0);
	if (num == 0)
		return 0;

	snprintf(conn, sizeof conn, "%d", num + 1);
	conf_set(af, section, "Refcount", conn, 1, 0);
	return 0;
}
#endif

/*
 * Return 0 if the section didn't exist or was removed, non-zero otherwise.
 * Don't touch non-refcounted (statically defined) sections.
 */
static int
pf_key_v2_conf_refhandle(int af, char *section)
{
	char            conn[22];
	int             num;

	if (!section)
		return 0;

	num = conf_get_num(section, "Refcount", 0);
	if (num == 1) {
		conf_remove_section(af, section);
		num--;
	} else if (num != 0) {
		snprintf(conn, sizeof conn, "%d", num - 1);
		conf_set(af, section, "Refcount", conn, 1, 0);
	}
	return num;
}

/* Remove all dynamically-established configuration entries.  */
static int
pf_key_v2_remove_conf(char *section)
{
	char           *ikepeer, *localid, *remoteid, *configname;
	struct conf_list_node *attr;
	struct conf_list *attrs;
	int             af;

	if (!section)
		return 0;

	if (!conf_get_str(section, "Phase"))
		return 0;

	/* Only remove dynamically-established entries. */
	attrs = conf_get_list(section, "Flags");
	if (attrs) {
		for (attr = TAILQ_FIRST(&attrs->fields); attr;
		     attr = TAILQ_NEXT(attr, link))
			if (!strcasecmp(attr->field, "__ondemand"))
				goto passed;

		conf_free_list(attrs);
	}
	return 0;

passed:
	conf_free_list(attrs);

	af = conf_begin();

	configname = conf_get_str(section, "Configuration");
	conf_remove_section(af, configname);

	/* These are the Phase 2 Local/Remote IDs. */
	localid = conf_get_str(section, "Local-ID");
	pf_key_v2_conf_refhandle(af, localid);

	remoteid = conf_get_str(section, "Remote-ID");
	pf_key_v2_conf_refhandle(af, remoteid);

	ikepeer = conf_get_str(section, "ISAKMP-peer");

	pf_key_v2_conf_refhandle(af, section);

	if (ikepeer) {
		remoteid = conf_get_str(ikepeer, "Remote-ID");
		localid = conf_get_str(ikepeer, "ID");
		configname = conf_get_str(ikepeer, "Configuration");

		pf_key_v2_conf_refhandle(af, ikepeer);
		pf_key_v2_conf_refhandle(af, configname);

		/* Phase 1 IDs */
		pf_key_v2_conf_refhandle(af, localid);
		pf_key_v2_conf_refhandle(af, remoteid);
	}
	conf_end(af, 1);
	return 0;
}

/* Disable a flow given a SA.  */
static int
pf_key_v2_disable_sa(struct sa *sa, int incoming)
{
	struct ipsec_sa *isa = sa->data;
	struct sockaddr *dst, *src;
	struct proto   *proto = TAILQ_FIRST(&sa->protos);
#if !defined (SADB_X_EXT_FLOW_TYPE)
	struct sockaddr_storage hostmask_storage;
	struct sockaddr *hostmask = (struct sockaddr *)&hostmask_storage;
	int             error;
#endif				/* SADB_X_EXT_FLOW_TYPE */

	sa->transport->vtbl->get_dst(sa->transport, &dst);
	sa->transport->vtbl->get_src(sa->transport, &src);

	if (!incoming)
		return pf_key_v2_flow(isa->src_net, isa->src_mask,
		    isa->dst_net, isa->dst_mask, isa->tproto, isa->sport,
		    isa->dport, proto->spi[0], proto->proto, src, dst, 1, 0,
		    0, 0, 0, 0, 0, 0, proto->data);
	else {
#if !defined (SADB_X_EXT_FLOW_TYPE)
		/* Set hostmask to '-1'. */
		switch (dst->sa_family) {
		case AF_INET:
			((struct sockaddr_in *) hostmask)->sin_family =
			    AF_INET;
#ifndef USE_OLD_SOCKADDR
			((struct sockaddr_in *) hostmask)->sin_len =
			    sizeof(struct in_addr);
#endif
			memset(&((struct sockaddr_in *) hostmask)->sin_addr.s_addr,
			    0xff, sizeof(struct in_addr));
			break;
		case AF_INET6:
			((struct sockaddr_in6 *) hostmask)->sin6_family =
			    AF_INET6;
#ifndef USE_OLD_SOCKADDR
			((struct sockaddr_in6 *) hostmask)->sin6_len =
			    sizeof(struct in6_addr);
#endif
			memset(&((struct sockaddr_in6 *) hostmask)->sin6_addr.s6_addr,
			    0xff, sizeof(struct in6_addr));
			break;
		}

		/* Ingress flow --- SA bundles */
		while (TAILQ_NEXT(proto, link)) {
			error = pf_key_v2_flow(dst, hostmask, src, hostmask,
			    0, 0, 0, proto->spi[1], proto->proto, src, dst,
			    1, 1, 0, 0, 0, 0, 0, 0, proto->data);
			if (error)
				return error;
			proto = TAILQ_NEXT(proto, link);
		}
#endif				/* SADB_X_EXT_FLOW_TYPE */

		return pf_key_v2_flow(isa->dst_net, isa->dst_mask,
		    isa->src_net, isa->src_mask, isa->tproto, isa->dport,
		    isa->sport, proto->spi[1], proto->proto, src, dst, 1, 1,
		    0, 0, 0, 0, 0, 0, proto->data);
	}
}

/*
 * Delete the IPsec SA represented by the INCOMING direction in protocol PROTO
 * of the IKE security association SA.  Also delete potential flows tied to it.
 */
int
pf_key_v2_delete_spi(struct sa *sa, struct proto *proto, int incoming)
{
	struct sadb_msg msg;
	struct sadb_sa  ssa;
	struct sadb_address *addr = 0;
	struct sockaddr *saddr;
	int             len, err;
	struct pf_key_v2_msg *delete = 0, *ret = 0;
#ifdef KAME
	struct sadb_x_sa2 ssa2;
#endif

	/* If it's not an established SA, don't proceed. */
	if (!(sa->flags & SA_FLAG_READY))
		return 0;

	/*
	 * If the SA was not replaced and was not one acquired through the
	 * kernel (ACQUIRE message), remove the flow associated with it.
	 * We ignore any errors from the disabling of the flow.
         */
	if (!(sa->flags & SA_FLAG_REPLACED)
	    && !(sa->flags & SA_FLAG_ONDEMAND))
		pf_key_v2_disable_sa(sa, incoming);

	if (sa->name && !(sa->flags & SA_FLAG_REPLACED)) {
		LOG_DBG((LOG_SYSDEP, 50,
			 "pf_key_v2_delete_spi: removing configuration %s",
			 sa->name));
		pf_key_v2_remove_conf(sa->name);
	}
	msg.sadb_msg_type = SADB_DELETE;
	switch (proto->proto) {
	case IPSEC_PROTO_IPSEC_ESP:
		msg.sadb_msg_satype = SADB_SATYPE_ESP;
		break;
	case IPSEC_PROTO_IPSEC_AH:
		msg.sadb_msg_satype = SADB_SATYPE_AH;
		break;
#if defined (SADB_X_SATYPE_IPCOMP)
	case IPSEC_PROTO_IPCOMP:
		msg.sadb_msg_satype = SADB_X_SATYPE_IPCOMP;
		break;
#endif
	default:
		log_print("pf_key_v2_delete_spi: invalid proto %d",
		    proto->proto);
		goto cleanup;
	}
	msg.sadb_msg_seq = 0;
	delete = pf_key_v2_msg_new(&msg, 0);
	if (!delete)
		goto cleanup;

	/* Setup the SA extension.  */
	ssa.sadb_sa_exttype = SADB_EXT_SA;
	ssa.sadb_sa_len = sizeof ssa / PF_KEY_V2_CHUNK;
	memcpy(&ssa.sadb_sa_spi, proto->spi[incoming], sizeof ssa.sadb_sa_spi);
	ssa.sadb_sa_replay = 0;
	ssa.sadb_sa_state = 0;
	ssa.sadb_sa_auth = 0;
	ssa.sadb_sa_encrypt = 0;
	ssa.sadb_sa_flags = 0;
	if (pf_key_v2_msg_add(delete, (struct sadb_ext *)&ssa, 0) == -1)
		goto cleanup;

#ifdef KAME
	memset(&ssa2, 0, sizeof ssa2);
	ssa2.sadb_x_sa2_exttype = SADB_X_EXT_SA2;
	ssa2.sadb_x_sa2_len = sizeof ssa2 / PF_KEY_V2_CHUNK;
	ssa2.sadb_x_sa2_mode = 0;
	if (pf_key_v2_msg_add(delete, (struct sadb_ext *)&ssa2, 0) == -1)
		goto cleanup;
#endif

	/*
	 * Setup the ADDRESS extensions.
         */
	if (incoming)
		sa->transport->vtbl->get_dst(sa->transport, &saddr);
	else
		sa->transport->vtbl->get_src(sa->transport, &saddr);
	len = sizeof *addr + PF_KEY_V2_ROUND(sysdep_sa_len(saddr));
	addr = calloc(1, len);
	if (!addr)
		goto cleanup;
	addr->sadb_address_exttype = SADB_EXT_ADDRESS_SRC;
	addr->sadb_address_len = len / PF_KEY_V2_CHUNK;
#ifndef __OpenBSD__
	addr->sadb_address_proto = 0;
	addr->sadb_address_prefixlen = 0;
#endif
	addr->sadb_address_reserved = 0;
	memcpy(addr + 1, saddr, sysdep_sa_len(saddr));
	switch (saddr->sa_family) {
	case AF_INET:
		((struct sockaddr_in *) (addr + 1))->sin_port = 0;
		break;
	case AF_INET6:
		((struct sockaddr_in6 *) (addr + 1))->sin6_port = 0;
		break;
	}
	if (pf_key_v2_msg_add(delete, (struct sadb_ext *) addr,
			      PF_KEY_V2_NODE_MALLOCED) == -1)
		goto cleanup;
	addr = 0;

	if (incoming)
		sa->transport->vtbl->get_src(sa->transport, &saddr);
	else
		sa->transport->vtbl->get_dst(sa->transport, &saddr);
	len = sizeof *addr + PF_KEY_V2_ROUND(sysdep_sa_len(saddr));
	addr = calloc(1, len);
	if (!addr)
		goto cleanup;
	addr->sadb_address_exttype = SADB_EXT_ADDRESS_DST;
	addr->sadb_address_len = len / PF_KEY_V2_CHUNK;
#ifndef __OpenBSD__
	addr->sadb_address_proto = 0;
	addr->sadb_address_prefixlen = 0;
#endif
	addr->sadb_address_reserved = 0;
	memcpy(addr + 1, saddr, sysdep_sa_len(saddr));
	switch (saddr->sa_family) {
	case AF_INET:
		((struct sockaddr_in *) (addr + 1))->sin_port = 0;
		break;
	case AF_INET6:
		((struct sockaddr_in6 *) (addr + 1))->sin6_port = 0;
		break;
	}
	if (pf_key_v2_msg_add(delete, (struct sadb_ext *) addr,
			      PF_KEY_V2_NODE_MALLOCED) == -1)
		goto cleanup;
	addr = 0;

	ret = pf_key_v2_call(delete);
	pf_key_v2_msg_free(delete);
	delete = 0;
	if (!ret)
		goto cleanup;
	err = ((struct sadb_msg *)TAILQ_FIRST(ret)->seg)->sadb_msg_errno;
	if (err) {
		LOG_DBG((LOG_SYSDEP, 10, "pf_key_v2_delete_spi: DELETE: %s",
			 strerror(err)));
		goto cleanup;
	}
	pf_key_v2_msg_free(ret);

	LOG_DBG((LOG_SYSDEP, 50, "pf_key_v2_delete_spi: done"));

	return 0;

cleanup:
	if (addr)
		free(addr);
	if (delete)
		pf_key_v2_msg_free(delete);
	if (ret)
		pf_key_v2_msg_free(ret);
	return -1;
}

static void
pf_key_v2_stayalive(struct exchange *exchange, void *vconn, int fail)
{
	char           *conn = vconn;
	struct sa      *sa;

	/* XXX What if it is phase 1 ? */
	sa = sa_lookup_by_name(conn, 2);
	if (sa)
		sa->flags |= SA_FLAG_STAYALIVE;

	/*
	 * Remove failed configuration entry -- call twice because it is
	 * created with a Refcount of 2.
         */
	if (fail && (!exchange || exchange->name)) {
		pf_key_v2_remove_conf(conn);
		pf_key_v2_remove_conf(conn);
	}
}

/* Check if a connection CONN exists, otherwise establish it.  */
void
pf_key_v2_connection_check(char *conn)
{
	if (!sa_lookup_by_name(conn, 2)) {
		LOG_DBG((LOG_SYSDEP, 70,
		    "pf_key_v2_connection_check: SA for %s missing", conn));
		exchange_establish(conn, pf_key_v2_stayalive, conn);
	} else
		LOG_DBG((LOG_SYSDEP, 70, "pf_key_v2_connection_check: "
		    "SA for %s exists", conn));
}

/* Handle a PF_KEY lifetime expiration message PMSG.  */
static void
pf_key_v2_expire(struct pf_key_v2_msg *pmsg)
{
	struct sadb_msg *msg;
	struct sadb_sa *ssa;
	struct sadb_address *dst;
	struct sockaddr *dstaddr;
	struct sadb_lifetime *life, *lifecurrent;
	struct sa      *sa;
	struct pf_key_v2_node *lifenode, *ext;
#ifdef USE_DEBUG
	char           *dst_str;
#endif

	msg = (struct sadb_msg *)TAILQ_FIRST(pmsg)->seg;
	ext = pf_key_v2_find_ext(pmsg, SADB_EXT_SA);
	if (!ext) {
		log_print("pf_key_v2_expire: no SA extension found");
		return;
	}
	ssa = ext->seg;
	ext = pf_key_v2_find_ext(pmsg, SADB_EXT_ADDRESS_DST);
	if (!ext) {
		log_print("pf_key_v2_expire: "
		    "no destination address extension found");
		return;
	}
	dst = ext->seg;
	dstaddr = (struct sockaddr *) (dst + 1);
	lifenode = pf_key_v2_find_ext(pmsg, SADB_EXT_LIFETIME_HARD);
	if (!lifenode)
		lifenode = pf_key_v2_find_ext(pmsg, SADB_EXT_LIFETIME_SOFT);
	if (!lifenode) {
		log_print("pf_key_v2_expire: no lifetime extension found");
		return;
	}
	life = lifenode->seg;

	lifenode = pf_key_v2_find_ext(pmsg, SADB_EXT_LIFETIME_CURRENT);
	if (!lifenode) {
		log_print("pf_key_v2_expire: "
		    "no current lifetime extension found");
		return;
	}
	lifecurrent = lifenode->seg;

#ifdef USE_DEBUG

	if (sockaddr2text(dstaddr, &dst_str, 0))
		dst_str = 0;

	LOG_DBG((LOG_SYSDEP, 20, "pf_key_v2_expire: "
	    "%s dst %s SPI %x sproto %d",
	    life->sadb_lifetime_exttype == SADB_EXT_LIFETIME_SOFT ? "SOFT"
	    : "HARD", dst_str ? dst_str : "<unknown>",
	    ntohl(ssa->sadb_sa_spi), msg->sadb_msg_satype));

	if (dst_str)
		free(dst_str);

#endif				/* USE_DEBUG */

	/*
	 * Find the IPsec SA.  The IPsec stack has two SAs for every IKE SA,
	 * one outgoing and one incoming, we regard expirations for any of
	 * them as an expiration of the full IKE SA.  Likewise, in
	 * protection suites consisting of more than one protocol, any
	 * expired individual IPsec stack SA will be seen as an expiration
	 * of the full suite.
         */
	switch (msg->sadb_msg_satype) {
	case SADB_SATYPE_ESP:
		sa = ipsec_sa_lookup(dstaddr, ssa->sadb_sa_spi,
		    IPSEC_PROTO_IPSEC_ESP);
		break;

	case SADB_SATYPE_AH:
		sa = ipsec_sa_lookup(dstaddr, ssa->sadb_sa_spi,
		    IPSEC_PROTO_IPSEC_AH);
		break;

#ifdef SADB_X_SATYPE_IPCOMP
	case SADB_X_SATYPE_IPCOMP:
		sa = ipsec_sa_lookup(dstaddr, ssa->sadb_sa_spi,
		    IPSEC_PROTO_IPCOMP);
		break;
#endif

	default:
		/* XXX Log? */
		sa = 0;
		break;
	}

	/* If the SA is already gone, don't do anything.  */
	if (!sa)
		return;

	/*
	 * If we got a notification, try to renegotiate the SA -- unless of
	 * course it has already been replaced by another.
	 * Also, ignore SAs that were not dynamically established, or that
	 * did not see any use.
         */
	if (!(sa->flags & SA_FLAG_REPLACED) &&
	    (sa->flags & SA_FLAG_ONDEMAND) &&
	    lifecurrent->sadb_lifetime_bytes)
		exchange_establish(sa->name, 0, 0);

	if (life->sadb_lifetime_exttype == SADB_EXT_LIFETIME_HARD) {
		/* Remove the old SA, it isn't useful anymore.  */
		sa_free(sa);
	}
}

/* Handle a PF_KEY SA ACQUIRE message PMSG.  */
static void
pf_key_v2_acquire(struct pf_key_v2_msg *pmsg)
{
#if defined (SADB_X_ASKPOLICY)
	struct sadb_msg *msg, askpolicy_msg;
	struct pf_key_v2_msg *askpolicy = 0, *ret = 0;
	struct sadb_x_policy policy;
	struct sadb_address *dst = 0, *src = 0;
	struct sockaddr *dstaddr, *srcaddr = 0;
	struct sadb_comb *scmb = 0;
	struct sadb_prop *sprp = 0;
	struct sadb_ident *srcident = 0, *dstident = 0;
	char            dstbuf[ADDRESS_MAX], srcbuf[ADDRESS_MAX], *peer = 0,
	               *conn = 0;
	char            confname[120];
	char           *srcid = 0, *dstid = 0, *prefstring = 0;
	int             slen, af, afamily, masklen, buflen;
	struct sockaddr *smask, *sflow, *dmask, *dflow;
	struct sadb_protocol *sproto;
	char            ssflow[ADDRESS_MAX], sdflow[ADDRESS_MAX];
	char            sdmask[ADDRESS_MAX], ssmask[ADDRESS_MAX];
	char           *sidtype = 0, *didtype = 0;
	char            lname[100], dname[100], configname[30];
	int             shostflag = 0, dhostflag = 0;
	struct pf_key_v2_node *ext;
	struct passwd  *pwd = 0;
	u_int16_t       sport = 0, dport = 0;
	u_int8_t        tproto = 0;
	char            tmbuf[sizeof sport * 3 + 1], *xform;
	int             connlen;
#if defined (SADB_X_CREDTYPE_NONE)
	struct sadb_x_cred *cred = 0, *sauth = 0;
#endif

	/* This needs to be dynamically allocated. */
	connlen = 22;
	conn = malloc(connlen);
	if (!conn) {
		log_error("pf_key_v2_acquire: malloc (%d) failed", connlen);
		return;
	}
	msg = (struct sadb_msg *)TAILQ_FIRST(pmsg)->seg;

	ext = pf_key_v2_find_ext(pmsg, SADB_EXT_ADDRESS_DST);
	if (!ext) {
		log_print("pf_key_v2_acquire: "
		    "no destination address specified");
		return;
	}
	dst = ext->seg;

	ext = pf_key_v2_find_ext(pmsg, SADB_EXT_ADDRESS_SRC);
	if (ext)
		src = ext->seg;

	ext = pf_key_v2_find_ext(pmsg, SADB_EXT_PROPOSAL);
	if (ext) {
		sprp = ext->seg;
		scmb = (struct sadb_comb *) (sprp + 1);
	}
	ext = pf_key_v2_find_ext(pmsg, SADB_EXT_IDENTITY_SRC);
	if (ext)
		srcident = ext->seg;

	ext = pf_key_v2_find_ext(pmsg, SADB_EXT_IDENTITY_DST);
	if (ext)
		dstident = ext->seg;

	/* Ask the kernel for the matching policy. */
	bzero(&askpolicy_msg, sizeof askpolicy_msg);
	askpolicy_msg.sadb_msg_type = SADB_X_ASKPOLICY;
	askpolicy = pf_key_v2_msg_new(&askpolicy_msg, 0);
	if (!askpolicy)
		goto fail;

	policy.sadb_x_policy_exttype = SADB_X_EXT_POLICY;
	policy.sadb_x_policy_len = sizeof policy / PF_KEY_V2_CHUNK;
	policy.sadb_x_policy_seq = msg->sadb_msg_seq;
	if (pf_key_v2_msg_add(askpolicy, (struct sadb_ext *)&policy, 0) == -1)
		goto fail;

	ret = pf_key_v2_call(askpolicy);
	if (!ret)
		goto fail;

	/* Now we have all the information needed. */

	ext = pf_key_v2_find_ext(ret, SADB_X_EXT_SRC_FLOW);
	if (!ext) {
		log_print("pf_key_v2_acquire: no source flow extension found");
		goto fail;
	}
	sflow = (struct sockaddr *) (((struct sadb_address *) ext->seg) + 1);

	ext = pf_key_v2_find_ext(ret, SADB_X_EXT_DST_FLOW);
	if (!ext) {
		log_print("pf_key_v2_acquire: "
		    "no destination flow extension found");
		goto fail;
	}
	dflow = (struct sockaddr *) (((struct sadb_address *) ext->seg) + 1);
	ext = pf_key_v2_find_ext(ret, SADB_X_EXT_SRC_MASK);
	if (!ext) {
		log_print("pf_key_v2_acquire: no source mask extension found");
		goto fail;
	}
	smask = (struct sockaddr *) (((struct sadb_address *) ext->seg) + 1);

	ext = pf_key_v2_find_ext(ret, SADB_X_EXT_DST_MASK);
	if (!ext) {
		log_print("pf_key_v2_acquire: "
		    "no destination mask extension found");
		goto fail;
	}
	dmask = (struct sockaddr *) (((struct sadb_address *) ext->seg) + 1);

	ext = pf_key_v2_find_ext(ret, SADB_X_EXT_FLOW_TYPE);
	if (!ext) {
		log_print("pf_key_v2_acquire: no flow type extension found");
		goto fail;
	}
	sproto = ext->seg;
	tproto = sproto->sadb_protocol_proto;

#if defined (SADB_X_EXT_LOCAL_CREDENTIALS)
	ext = pf_key_v2_find_ext(pmsg, SADB_X_EXT_LOCAL_CREDENTIALS);
	if (ext)
		cred = (struct sadb_x_cred *) ext->seg;
	else
		cred = 0;
#endif

#if defined (SADB_X_EXT_LOCAL_AUTH)
	ext = pf_key_v2_find_ext(pmsg, SADB_X_EXT_LOCAL_AUTH);
	if (ext)
		sauth = (struct sadb_x_cred *) ext->seg;
	else
		sauth = 0;
#endif

	bzero(ssflow, sizeof ssflow);
	bzero(sdflow, sizeof sdflow);
	bzero(ssmask, sizeof ssmask);
	bzero(sdmask, sizeof sdmask);

	sidtype = didtype = "IPV4_ADDR_SUBNET";	/* default */

	switch (sflow->sa_family) {
	case AF_INET:
		if (inet_ntop(AF_INET,
		    &((struct sockaddr_in *) sflow)->sin_addr, ssflow,
		    ADDRESS_MAX) == NULL) {
			log_print("pf_key_v2_acquire: inet_ntop failed");
			goto fail;
		}
		sport = ((struct sockaddr_in *) sflow)->sin_port;
		if (inet_ntop(AF_INET,
		    &((struct sockaddr_in *) dflow)->sin_addr, sdflow,
		    ADDRESS_MAX) == NULL) {
			log_print("pf_key_v2_acquire: inet_ntop failed");
			goto fail;
		}
		dport = ((struct sockaddr_in *) dflow)->sin_port;
		if (inet_ntop(AF_INET,
		    &((struct sockaddr_in *) smask)->sin_addr, ssmask,
		    ADDRESS_MAX) == NULL) {
			log_print("pf_key_v2_acquire: inet_ntop failed");
			goto fail;
		}
		if (inet_ntop(AF_INET,
		    &((struct sockaddr_in *) dmask)->sin_addr, sdmask,
		    ADDRESS_MAX) == NULL) {
			log_print("pf_key_v2_acquire: inet_ntop failed");
			goto fail;
		}
		if (((struct sockaddr_in *) smask)->sin_addr.s_addr ==
		    INADDR_BROADCAST) {
			shostflag = 1;
			sidtype = "IPV4_ADDR";
		}
		if (((struct sockaddr_in *) dmask)->sin_addr.s_addr ==
		    INADDR_BROADCAST) {
			dhostflag = 1;
			didtype = "IPV4_ADDR";
		}
		break;

	case AF_INET6:
		if (inet_ntop(AF_INET6,
		    &((struct sockaddr_in6 *) sflow)->sin6_addr,
		    ssflow, ADDRESS_MAX) == NULL) {
			log_print("pf_key_v2_acquire: inet_ntop failed");
			goto fail;
		}
		sport = ((struct sockaddr_in6 *) sflow)->sin6_port;
		if (inet_ntop(AF_INET6,
		    &((struct sockaddr_in6 *) dflow)->sin6_addr,
		    sdflow, ADDRESS_MAX) == NULL) {
			log_print("pf_key_v2_acquire: inet_ntop failed");
			goto fail;
		}
		dport = ((struct sockaddr_in6 *) dflow)->sin6_port;
		if (inet_ntop(AF_INET6,
		    &((struct sockaddr_in6 *) smask)->sin6_addr,
		    ssmask, ADDRESS_MAX) == NULL) {
			log_print("pf_key_v2_acquire: inet_ntop failed");
			goto fail;
		}
		if (inet_ntop(AF_INET6,
		    &((struct sockaddr_in6 *) dmask)->sin6_addr,
		    sdmask, ADDRESS_MAX) == NULL) {
			log_print("pf_key_v2_acquire: inet_ntop failed");
			goto fail;
		}
		sidtype = didtype = "IPV6_ADDR_SUBNET";
		if (IN6_IS_ADDR_FULL(&((struct sockaddr_in6 *)smask)->sin6_addr)) {
			shostflag = 1;
			sidtype = "IPV6_ADDR";
		}
		if (IN6_IS_ADDR_FULL(&((struct sockaddr_in6 *)dmask)->sin6_addr)) {
			dhostflag = 1;
			didtype = "IPV6_ADDR";
		}
		break;
	}

	dstaddr = (struct sockaddr *)(dst + 1);
	bzero(dstbuf, sizeof dstbuf);
	bzero(srcbuf, sizeof srcbuf);

	if (dstaddr->sa_family == 0) {
		/*
		 * Destination was not specified in the flow -- can we derive
		 * it?
		 */
		if (dhostflag == 0) {
			log_print("pf_key_v2_acquire: "
			    "Cannot determine precise destination");
			goto fail;
		}
		dstaddr = dflow;
	}
	switch (dstaddr->sa_family) {
	case AF_INET:
		if (inet_ntop(AF_INET,
		    &((struct sockaddr_in *) dstaddr)->sin_addr,
		    dstbuf, ADDRESS_MAX) == NULL) {
			log_print("pf_key_v2_acquire: inet_ntop failed");
			goto fail;
		}
		LOG_DBG((LOG_SYSDEP, 20,
		    "pf_key_v2_acquire: dst=%s sproto %d", dstbuf,
		    msg->sadb_msg_satype));
		break;

	case AF_INET6:
		if (inet_ntop(AF_INET6,
		    &((struct sockaddr_in6 *) dstaddr)->sin6_addr,
		    dstbuf, ADDRESS_MAX) == NULL) {
			log_print("pf_key_v2_acquire: inet_ntop failed");
			goto fail;
		}
		LOG_DBG((LOG_SYSDEP, 20,
		    "pf_key_v2_acquire: dst=%s sproto %d", dstbuf,
		    msg->sadb_msg_satype));
		break;
	}

	if (src) {
		srcaddr = (struct sockaddr *) (src + 1);

		switch (srcaddr->sa_family) {
		case AF_INET:
			if (inet_ntop(AF_INET,
			    &((struct sockaddr_in *) srcaddr)->sin_addr,
			    srcbuf, ADDRESS_MAX) == NULL) {
				log_print("pf_key_v2_acquire: "
				    "inet_ntop failed");
				goto fail;
			}
			break;

		case AF_INET6:
			if (inet_ntop(AF_INET6,
			    &((struct sockaddr_in6 *)srcaddr)->sin6_addr,
			    srcbuf, ADDRESS_MAX) == NULL) {
				log_print("pf_key_v2_acquire: "
				    "inet_ntop failed");
				goto fail;
			}
			break;

		default:
			/*
			 * The kernel will pass an all '0' EXT_ADDRESS_SRC if
			 * it wasn't specified for the flow. In that case, do
			 * NOT specify the srcaddr in the Peer-name below
		         */
			srcbuf[0] = 0;
			srcaddr = NULL;
			break;
		}
	}
	/* Insert source ID. */
	if (srcident) {
		slen = (srcident->sadb_ident_len * sizeof(u_int64_t))
			- sizeof(struct sadb_ident);
		if (((unsigned char *) (srcident + 1))[slen - 1] != '\0') {
			log_print("pf_key_v2_acquire: "
			    "source identity not NUL-terminated");
			goto fail;
		}
		/* Check for valid type. */
		switch (srcident->sadb_ident_type) {
#if defined (SADB_X_IDENTTYPE_CONNECTION)
		case SADB_X_IDENTTYPE_CONNECTION:
			/* XXX */
			break;
#endif

		case SADB_IDENTTYPE_PREFIX:
			/* Determine what the address family is. */
			srcid = memchr(srcident + 1, ':', slen);
			if (srcid)
				afamily = AF_INET6;
			else
				afamily = AF_INET;

			srcid = memchr(srcident + 1, '/', slen);
			if (!srcid) {
				log_print("pf_key_v2_acquire: "
				    "badly formatted PREFIX identity");
				goto fail;
			}
			masklen = atoi(srcid + 1);

			/* XXX We only support host addresses. */
			if ((afamily == AF_INET6 && masklen != 128)
			    || (afamily == AF_INET && masklen != 32)) {
				log_print("pf_key_v2_acquire: "
				    "non-host address specified in source "
				    "identity (mask length %d), ignoring "
				    "request", masklen);
				goto fail;
			}
			/*
			 * NUL-terminate the PREFIX string at the separator,
			 * then dup.
			 */
			*srcid = '\0';
			slen = strlen((char *) (srcident + 1)) +
			    sizeof "ID:Address/";
			srcid = malloc(slen);
			if (!srcid) {
				log_error("pf_key_v2_acquire: "
				    "malloc (%d) failed", slen);
				goto fail;
			}
			snprintf(srcid, slen, "ID:Address/%s",
			    (char *) (srcident + 1));

			/* Set the section if it doesn't already exist. */
			af = conf_begin();
			if (!conf_get_str(srcid, "ID-type")) {
				if (conf_set(af, srcid, "ID-type",
				    afamily == AF_INET ? "IPV4_ADDR" :
				    "IPV6_ADDR", 1, 0)
				    || conf_set(af, srcid, "Refcount", "1", 1,
					0)
				    || conf_set(af, srcid, "Address",
					(char *) (srcident + 1), 1, 0)) {
					conf_end(af, 0);
					goto fail;
				}
			} else
				pf_key_v2_conf_refinc(af, srcid);
			conf_end(af, 1);
			break;

		case SADB_IDENTTYPE_FQDN:
			prefstring = "FQDN";
			/* Fall through */
		case SADB_IDENTTYPE_USERFQDN:
			if (!prefstring) {
				prefstring = "USER_FQDN";

				/*
				 * Check whether there is a string following
				 * the header; if no, that there is a user ID
				 * (and acquire the login name). If there is
				 * both a string and a user ID, check that
				 * they match.
			         */
				if ((slen == 0) &&
				    (srcident->sadb_ident_id == 0)) {
					log_print("pf_key_v2_acquire: "
					    "no user FQDN or ID provided");
					goto fail;
				}
				if (srcident->sadb_ident_id) {
					pwd =
					    getpwuid(srcident->sadb_ident_id);
					if (!pwd) {
						log_error("pf_key_v2_acquire: "
						    "could not acquire "
						    "username from provided "
						    "ID %llu",
						    srcident->sadb_ident_id);
						goto fail;
					}
					if (slen != 0)
						if (strcmp(pwd->pw_name,
						    (char *) (srcident + 1))
						    != 0) {
							log_print("pf_key_v2_acquire: "
							    "provided user "
							    "name and ID do "
							    "not match (%s != "
							    "%s)",
							    (char *) (srcident + 1),
							    pwd->pw_name);
							/*
							 * String has
							 * precedence, per
							 * RFC 2367.
							 */
						}
				}
			}
			buflen = (slen ? slen : strlen(pwd->pw_name)) +
			    strlen(prefstring) + sizeof "ID:/";
			srcid = malloc(buflen);
			if (!srcid) {
				log_error("pf_key_v2_acquire: "
				    "malloc (%d) failed", buflen);
				goto fail;
			}
			snprintf(srcid, buflen, "ID:%s/", prefstring);
			if (slen != 0)
				strlcat(srcid,
				    (char *) (srcident + 1), buflen);
			else
				strlcat(srcid, pwd->pw_name, buflen);
			pwd = 0;

			/* Set the section if it doesn't already exist. */
			af = conf_begin();
			if (!conf_get_str(srcid, "ID-type")) {
				if (conf_set(af, srcid, "ID-type", prefstring,
				    1, 0)
				    || conf_set(af, srcid, "Refcount", "1", 1,
					0)
				    || conf_set(af, srcid, "Name",
					srcid + sizeof "ID:/" - 1 +
					strlen(prefstring), 1, 0)) {
					conf_end(af, 0);
					goto fail;
				}
			} else
				pf_key_v2_conf_refinc(af, srcid);
			conf_end(af, 1);
			break;

		default:
			LOG_DBG((LOG_SYSDEP, 20,
			     "pf_key_v2_acquire: invalid source ID type %d",
				 srcident->sadb_ident_type));
			goto fail;
		}

		LOG_DBG((LOG_SYSDEP, 50,
		    "pf_key_v2_acquire: constructed source ID \"%s\"", srcid));
		prefstring = 0;
	}
	/* Insert destination ID. */
	if (dstident) {
		slen = (dstident->sadb_ident_len * sizeof(u_int64_t))
			- sizeof(struct sadb_ident);

		/* Check for valid type. */
		switch (dstident->sadb_ident_type) {
#if defined (SADB_X_IDENTTYPE_CONNECTION)
		case SADB_X_IDENTTYPE_CONNECTION:
			/* XXX */
			break;
#endif

		case SADB_IDENTTYPE_PREFIX:
			/* Determine what the address family is. */
			dstid = memchr(dstident + 1, ':', slen);
			if (dstid)
				afamily = AF_INET6;
			else
				afamily = AF_INET;

			dstid = memchr(dstident + 1, '/', slen);
			if (!dstid) {
				log_print("pf_key_v2_acquire: "
				    "badly formatted PREFIX identity");
				goto fail;
			}
			masklen = atoi(dstid + 1);

			/* XXX We only support host addresses. */
			if ((afamily == AF_INET6 && masklen != 128)
			    || (afamily == AF_INET && masklen != 32)) {
				log_print("pf_key_v2_acquire: "
				    "non-host address specified in "
				    "destination identity (mask length %d), "
				    "ignoring request", masklen);
				goto fail;
			}
			/*
			 * NUL-terminate the PREFIX string at the separator,
			 * then dup.
			 */
			*dstid = '\0';
			slen = strlen((char *) (dstident + 1)) +
			    sizeof "ID:Address/";
			dstid = malloc(slen);
			if (!dstid) {
				log_error("pf_key_v2_acquire: "
				    "malloc (%d) failed", slen);
				goto fail;
			}
			snprintf(dstid, slen, "ID:Address/%s",
			    (char *) (dstident + 1));

			/* Set the section if it doesn't already exist. */
			af = conf_begin();
			if (!conf_get_str(dstid, "ID-type")) {
				if (conf_set(af, dstid, "ID-type",
				    afamily == AF_INET ? "IPV4_ADDR" :
				    "IPV6_ADDR", 1, 0)
				    || conf_set(af, dstid, "Refcount", "1", 1,
					0)
				    || conf_set(af, dstid, "Address",
					(char *) (dstident + 1), 1, 0)) {
					conf_end(af, 0);
					goto fail;
				}
			} else
				pf_key_v2_conf_refinc(af, dstid);
			conf_end(af, 1);
			break;

		case SADB_IDENTTYPE_FQDN:
			prefstring = "FQDN";
			/* Fall through */

		case SADB_IDENTTYPE_USERFQDN:
			if (!prefstring) {
				prefstring = "USER_FQDN";

				/*
				 * Check whether there is a string following
				 * the header; if no, that there is a user ID
				 * (and acquire the login name). If there is
				 * both a string and a user ID, check that
				 * they match.
			         */
				if (slen == 0 &&
				    dstident->sadb_ident_id == 0) {
					log_print("pf_key_v2_acquire: "
					    "no user FQDN or ID provided");
					goto fail;
				}
				if (dstident->sadb_ident_id) {
					pwd = getpwuid(dstident->sadb_ident_id);
					if (!pwd) {
						log_error("pf_key_v2_acquire: "
						    "could not acquire "
						    "username from provided "
						    "ID %llu",
						    dstident->sadb_ident_id);
						goto fail;
					}
					if (slen != 0)
						if (strcmp(pwd->pw_name,
						    (char *) (dstident + 1))
						    != 0) {
							log_print("pf_key_v2_acquire: "
							    "provided user "
							    "name and ID do "
							    "not match (%s != "
							    "%s)",
							    (char *) (dstident + 1),
							    pwd->pw_name);
							/*
							 * String has
							 * precedence, per RF
							 * 2367.
							 */
						}
				}
			}
			buflen = (slen ? slen : strlen(pwd->pw_name)) +
			    strlen(prefstring) + sizeof "ID:/";
			dstid = malloc(buflen);
			if (!dstid) {
				log_error("pf_key_v2_acquire: "
				    "malloc (%d) failed", buflen);
				goto fail;
			}
			snprintf(dstid, buflen, "ID:%s/", prefstring);
			if (slen != 0)
				strlcat(dstid, (char *) (dstident + 1),
				    buflen);
			else
				strlcat(dstid, pwd->pw_name, buflen);
			pwd = 0;

			/* Set the section if it doesn't already exist. */
			af = conf_begin();
			if (!conf_get_str(dstid, "ID-type")) {
				if (conf_set(af, dstid, "ID-type", prefstring,
				    1, 0)
				    || conf_set(af, dstid, "Refcount", "1", 1,
					0)
				    || conf_set(af, dstid, "Name",
					dstid + sizeof "ID:/" - 1 +
					strlen(prefstring), 1, 0)) {
					conf_end(af, 0);
					goto fail;
				}
			} else
				pf_key_v2_conf_refinc(af, dstid);
			conf_end(af, 1);
			break;

		default:
			LOG_DBG((LOG_SYSDEP, 20, "pf_key_v2_acquire: "
			    "invalid destination ID type %d",
			    dstident->sadb_ident_type));
			goto fail;
		}

		LOG_DBG((LOG_SYSDEP, 50,
		    "pf_key_v2_acquire: constructed destination ID \"%s\"",
		    dstid));
	}
	/* Now we've placed the necessary IDs in the configuration space. */

	/* Get a new connection sequence number. */
	for (;; connection_seq++) {
		snprintf(conn, connlen, "Connection-%u", connection_seq);
		snprintf(configname, sizeof configname, "Config-Phase2-%u",
		    connection_seq);

		/* Does it exist ? */
		if (!conf_get_str(conn, "Phase")
		    && !conf_get_str(configname, "Suites"))
			break;
	}

	/*
	 * Set the IPsec connection entry. In particular, the following fields:
	 * - Phase
	 * - ISAKMP-peer
	 * - Local-ID/Remote-ID (if provided)
	 * - Acquire-ID (sequence number of kernel message, e.g., PF_KEYv2)
	 * - Configuration
         *
	 * Also set the following section:
	 *    [Peer-dstaddr(/srcaddr)(-srcid)(/dstid)]
	 * with these fields:
	 * - Phase
	 * - ID (if provided)
	 * - Remote-ID (if provided)
	 * - Local-address (if provided)
	 * - Address
	 * - Configuration (if an entry ISAKMP-configuration-dstaddr(/srcaddr)
	 *                  exists -- otherwise use the defaults)
         */

	slen = strlen(dstbuf) + strlen(srcbuf) + (srcid ? strlen(srcid) : 0)
		+ (dstid ? strlen(dstid) : 0) + sizeof "Peer-/-/";
	peer = malloc(slen);
	if (!peer)
		goto fail;

	/*
	 * The various cases:
	 * - Peer-dstaddr
	 * - Peer-dstaddr/srcaddr
	 * - Peer-dstaddr/srcaddr-srcid
	 * - Peer-dstaddr/srcaddr-srcid/dstid
	 * - Peer-dstaddr/srcaddr-/dstid
	 * - Peer-dstaddr-srcid/dstid
	 * - Peer-dstaddr-/dstid
	 * - Peer-dstaddr-srcid
         */
	snprintf(peer, slen, "Peer-%s%s%s%s%s%s%s", dstbuf, srcaddr ? "/" : "",
		 srcaddr ? srcbuf : "", srcid ? "-" : "", srcid ? srcid : "",
		 dstid ? (srcid ? "/" : "-/") : "", dstid ? dstid : "");

	/*
	 * Set the IPsec connection section. Refcount is set to 2, because
	 * it will be linked both to the incoming and the outgoing SA.
         */
	af = conf_begin();
	if (conf_set(af, conn, "Phase", "2", 0, 0)
	    || conf_set(af, conn, "Flags", "__ondemand", 0, 0)
	    || conf_set(af, conn, "Refcount", "2", 0, 0)
	    || conf_set(af, conn, "ISAKMP-peer", peer, 0, 0)) {
		conf_end(af, 0);
		goto fail;
	}
	/* Set the sequence number. */
	snprintf(lname, sizeof lname, "%u", msg->sadb_msg_seq);
	if (conf_set(af, conn, "Acquire-ID", lname, 0, 0)) {
		conf_end(af, 0);
		goto fail;
	}
	/* Set Phase 2 IDs -- this is the Local-ID section. */
	snprintf(lname, sizeof lname, "Phase2-ID:%s/%s/%u/%u", ssflow, ssmask,
		 tproto, sport);
	if (conf_set(af, conn, "Local-ID", lname, 0, 0)) {
		conf_end(af, 0);
		goto fail;
	}
	if (!conf_get_str(lname, "ID-type")) {
		if (conf_set(af, lname, "Refcount", "1", 0, 0)) {
			conf_end(af, 0);
			goto fail;
		}
		if (shostflag) {
			if (conf_set(af, lname, "ID-type", sidtype, 0, 0)
			  || conf_set(af, lname, "Address", ssflow, 0, 0)) {
				conf_end(af, 0);
				goto fail;
			}
		} else {
			if (conf_set(af, lname, "ID-type", sidtype, 0, 0)
			    || conf_set(af, lname, "Network", ssflow, 0, 0)
			  || conf_set(af, lname, "Netmask", ssmask, 0, 0)) {
				conf_end(af, 0);
				goto fail;
			}
		}
		if (tproto) {
			snprintf(tmbuf, sizeof sport * 3 + 1, "%u", tproto);
			if (conf_set(af, lname, "Protocol", tmbuf, 0, 0)) {
				conf_end(af, 0);
				goto fail;
			}
			if (sport) {
				snprintf(tmbuf, sizeof sport * 3 + 1, "%u",
				    ntohs(sport));
				if (conf_set(af, lname, "Port", tmbuf, 0, 0)) {
					conf_end(af, 0);
					goto fail;
				}
			}
		}
	} else
		pf_key_v2_conf_refinc(af, lname);

	/* Set Remote-ID section. */
	snprintf(dname, sizeof dname, "Phase2-ID:%s/%s/%u/%u", sdflow, sdmask,
	    tproto, dport);
	if (conf_set(af, conn, "Remote-ID", dname, 0, 0)) {
		conf_end(af, 0);
		goto fail;
	}
	if (!conf_get_str(dname, "ID-type")) {
		if (conf_set(af, dname, "Refcount", "1", 0, 0)) {
			conf_end(af, 0);
			goto fail;
		}
		if (dhostflag) {
			if (conf_set(af, dname, "ID-type", didtype, 0, 0)
			    || conf_set(af, dname, "Address", sdflow, 0, 0)) {
				conf_end(af, 0);
				goto fail;
			}
		} else {
			if (conf_set(af, dname, "ID-type", didtype, 0, 0)
			    || conf_set(af, dname, "Network", sdflow, 0, 0)
			    || conf_set(af, dname, "Netmask", sdmask, 0, 0)) {
				conf_end(af, 0);
				goto fail;
			}
		}

		if (tproto) {
			snprintf(tmbuf, sizeof dport * 3 + 1, "%u", tproto);
			if (conf_set(af, dname, "Protocol", tmbuf, 0, 0)) {
				conf_end(af, 0);
				goto fail;
			}
			if (dport) {
				snprintf(tmbuf, sizeof dport * 3 + 1, "%u",
				    ntohs(dport));
				if (conf_set(af, dname, "Port", tmbuf, 0, 0)) {
					conf_end(af, 0);
					goto fail;
				}
			}
		}
	} else
		pf_key_v2_conf_refinc(af, dname);

	/*
	 * XXX
	 * We should be using information from the proposal to set this up.
	 * At least, we should make this selectable.
         */

	/* Phase 2 configuration. */
	if (conf_set(af, conn, "Configuration", configname, 0, 0)) {
		conf_end(af, 0);
		goto fail;
	}
	if (conf_set(af, configname, "Exchange_type", "Quick_mode", 0, 0)
	    || conf_set(af, configname, "DOI", "IPSEC", 0, 0)) {
		conf_end(af, 0);
		goto fail;
	}
	if (conf_get_str("General", "Default-phase-2-suites")) {
		if (conf_set(af, configname, "Suites",
		    conf_get_str("General", "Default-phase-2-suites"), 0, 0)) {
			conf_end(af, 0);
			goto fail;
		}
	} else {
		if (conf_set(af, configname, "Suites",
		    "QM-ESP-3DES-SHA-PFS-SUITE", 0, 0)) {
			conf_end(af, 0);
			goto fail;
		}
	}

	/* Set the ISAKMP-peer section. */
	if (!conf_get_str(peer, "Phase")) {
		if (conf_set(af, peer, "Phase", "1", 0, 0)
		    || conf_set(af, peer, "Refcount", "1", 0, 0)
		    || conf_set(af, peer, "Address", dstbuf, 0, 0)) {
			conf_end(af, 0);
			goto fail;
		}
		if (srcaddr && conf_set(af, peer, "Local-address", srcbuf, 0,
		    0)) {
			conf_end(af, 0);
			goto fail;
		}
		snprintf(confname, sizeof confname, "ISAKMP-Configuration-%s",
		    peer);
		if (conf_set(af, peer, "Configuration", confname, 0, 0)) {
			conf_end(af, 0);
			goto fail;
		}
#if defined (SADB_X_CREDTYPE_NONE)
		/* Store any credentials passed to us. */
		if (cred) {
			struct cert_handler *handler = 0;
			void           *cert;
			char            num[12], *certprint;

			/* Convert to bytes in-place. */
			cred->sadb_x_cred_len *= PF_KEY_V2_CHUNK;

			if (cred->sadb_x_cred_len <= sizeof *cred) {
				log_print("pf_key_v2_acquire: "
				    "zero-length credentials, aborting SA "
				    "acquisition");
				conf_end(af, 0);
				goto fail;
			}
			switch (cred->sadb_x_cred_type) {
			case SADB_X_CREDTYPE_X509:
				snprintf(num, sizeof num, "%d",
				    ISAKMP_CERTENC_X509_SIG);
				handler = cert_get(ISAKMP_CERTENC_X509_SIG);
				break;
			case SADB_X_CREDTYPE_KEYNOTE:
				snprintf(num, sizeof num, "%d",
				    ISAKMP_CERTENC_KEYNOTE);
				handler = cert_get(ISAKMP_CERTENC_KEYNOTE);
				break;
			default:
				log_print("pf_key_v2_acquire: "
				    "unknown credential type %d",
				    cred->sadb_x_cred_type);
				conf_end(af, 0);
				goto fail;
			}

			if (!handler) {
				log_print("pf_key_v2_acquire: "
				    "cert_get (%s) failed", num);
				conf_end(af, 0);
				goto fail;
			}
			/* Set the credential type as a number. */
			if (conf_set(af, peer, "Credential_type", num, 0, 0)) {
				conf_end(af, 0);
				goto fail;
			}
			/* Get the certificate. */
			cert = handler->cert_get((u_int8_t *) (cred + 1),
			    cred->sadb_x_cred_len - sizeof *cred);

			/* Now convert to printable format. */
			certprint = handler->cert_printable(cert);
			handler->cert_free(cert);
			if (!certprint
			    || conf_set(af, peer, "Credentials", certprint, 0,
				0)) {
				if (certprint)
					free(certprint);
				conf_end(af, 0);
				goto fail;
			}
			free(certprint);
		}
#endif				/* SADB_X_CREDTYPE_NONE */

		/* Phase 1 configuration. */
		if (!conf_get_str(confname, "exchange_type")) {
#if defined (SADB_X_EXT_LOCAL_AUTH)
			/*
			 * We may have been provided with authentication
			 * material.
			 */
			if (sauth) {
				char           *authm;

				/* Convert to bytes in-place. */
				sauth->sadb_x_cred_len *= PF_KEY_V2_CHUNK;

				switch (sauth->sadb_x_cred_type) {
				case SADB_X_AUTHTYPE_PASSPHRASE:
					if (conf_set(af, confname,
					    "Transforms", "3DES-SHA", 0, 0)) {
						conf_end(af, 0);
						goto fail;
					}
					if (sauth->sadb_x_cred_len <=
					    sizeof *sauth) {
						log_print("pf_key_v2_acquire: "
						    "zero-length passphrase, "
						    "aborting SA acquisition");
						conf_end(af, 0);
						goto fail;
					}
					authm = malloc(sauth->sadb_x_cred_len -
					    sizeof *sauth + 1);
					if (!authm) {
						log_error("pf_key_v2_acquire: "
						    "malloc (%lu) failed",
						    sauth->sadb_x_cred_len -
						    (unsigned long) sizeof *sauth + 1);
						conf_end(af, 0);
						goto fail;
					}
					memcpy(authm, sauth + 1,
					    sauth->sadb_x_cred_len -
					    sizeof *sauth + 1);

					/* Set the passphrase in the peer. */
					if (conf_set(af, peer,
					    "Authentication", authm, 0, 0)) {
						free(authm);
						conf_end(af, 0);
						goto fail;
					}
					free(authm);
					break;

				case SADB_X_AUTHTYPE_RSA:
					if (conf_set(af, confname,
					    "Transforms", "3DES-SHA-RSA_SIG",
					    0, 0)) {
						conf_end(af, 0);
						goto fail;
					}
					if (sauth->sadb_x_cred_len <=
					    sizeof *sauth) {
						log_print("pf_key_v2_acquire: "
						    "zero-length RSA key, "
						    "aborting SA acquisition");
						conf_end(af, 0);
						goto fail;
					}
					authm = key_printable(ISAKMP_KEY_RSA,
					    ISAKMP_KEYTYPE_PRIVATE,
					    (u_int8_t *) sauth + 1,
					    sauth->sadb_x_cred_len -
					    sizeof *sauth);
					if (!authm) {
						log_print("pf_key_v2_acquire: "
						    "failed to convert "
						    "private key to printable "
						    "format (size %lu)",
						    sauth->sadb_x_cred_len -
						    (unsigned long) sizeof *sauth);
						conf_end(af, 0);
						goto fail;
					}
					/*
					 * Set the key in the peer. We don't
					 * use "Authentication" to avoid
					 * potential conflicts with file-based
					 * configurations that use public key
					 * authentication but still specify
					 * an "Authentication" tag (typically
					 * as a remnant of passphrase-based
					 * testing).
				         */
					if (conf_set(af, peer,
					    "PKAuthentication", authm, 0, 0)) {
						free(authm);
						conf_end(af, 0);
						goto fail;
					}
					free(authm);
					break;

				default:
					log_print("pf_key_v2_acquire: "
					    "unknown authentication "
					    "material type %d received from "
					    "kernel", sauth->sadb_x_cred_type);
					conf_end(af, 0);
					goto fail;
				}
			} else	/* Fall through */
#endif				/* SADB_X_EXT_LOCAL_AUTH */
			{
				xform = conf_get_str(
				    "Default-phase-1-configuration",
				    "Transforms");
				if (conf_set(af, confname, "Transforms",
				    xform ? xform : "3DES-SHA-RSA_SIG", 0,
				    0)) {
					conf_end(af, 0);
					goto fail;
				}
			}

			if (conf_set(af, confname, "Exchange_Type", "ID_PROT",
			    0, 0)
			    || conf_set(af, confname, "DOI", "IPSEC", 0, 0)
			    || conf_set(af, confname, "Refcount", "1", 0, 0)) {
				conf_end(af, 0);
				goto fail;
			}
		} else
			pf_key_v2_conf_refinc(af, confname);

		/* The ID we should use in Phase 1. */
		if (srcid && conf_set(af, peer, "ID", srcid, 0, 0)) {
			conf_end(af, 0);
			goto fail;
		}
		/* The ID the other side should use in Phase 1. */
		if (dstid && conf_set(af, peer, "Remote-ID", dstid, 0, 0)) {
			conf_end(af, 0);
			goto fail;
		}
	} else
		pf_key_v2_conf_refinc(af, peer);

	/* All done. */
	conf_end(af, 1);

	/* Let's rock 'n roll. */
	pf_key_v2_connection_check(conn);
	conn = 0;

	/* Fall-through to cleanup. */
fail:
	if (ret)
		pf_key_v2_msg_free(ret);
	if (askpolicy)
		pf_key_v2_msg_free(askpolicy);
	if (srcid)
		free(srcid);
	if (dstid)
		free(dstid);
	if (peer)
		free(peer);
	if (conn)
		free(conn);
	return;
#else
	/* acquire not supported */
	return;
#endif				/* SADB_X_ASKPOLICY */
}

static void
pf_key_v2_notify(struct pf_key_v2_msg *msg)
{
	switch (((struct sadb_msg *)TAILQ_FIRST(msg)->seg)->sadb_msg_type) {
	case SADB_EXPIRE:
		pf_key_v2_expire(msg);
		break;

	case SADB_ACQUIRE:
		pf_key_v2_acquire(msg);
		break;

	default:
		log_print("pf_key_v2_notify: unexpected message type (%d)",
		    ((struct sadb_msg *)TAILQ_FIRST(msg)->seg)->sadb_msg_type);
	}
	pf_key_v2_msg_free(msg);
}

void
pf_key_v2_handler(int fd)
{
	struct pf_key_v2_msg *msg;
#if !defined (LINUX_IPSEC)
	int             n;

	/*
	 * As synchronous read/writes to the socket can have taken place
	 * between the select(2) call of the main loop and this handler, we
	 * need to recheck the readability.
         */
	if (ioctl(pf_key_v2_socket, FIONREAD, &n) == -1) {
		log_error("pf_key_v2_handler: ioctl (%d, FIONREAD, &n) failed",
			  pf_key_v2_socket);
		return;
	}
	if (!n)
		return;
#endif				/* LINUX_IPSEC */

	msg = pf_key_v2_read(0);
	if (msg)
		pf_key_v2_notify(msg);
}

/*
 * Group 2 IPsec SAs given by the PROTO1 and PROTO2 protocols of the SA IKE
 * security association in a chain.
 * XXX Assumes OpenBSD GRPSPIS extension.  Should probably be moved to sysdep.c
 */
int
pf_key_v2_group_spis(struct sa *sa, struct proto *proto1,
		     struct proto *proto2, int incoming)
{
#if defined (SADB_X_GRPSPIS)
	struct sadb_msg msg;
	struct sadb_sa  sa1, sa2;
	struct sadb_address *addr = 0;
	struct sadb_protocol protocol;
	struct pf_key_v2_msg *grpspis = 0, *ret = 0;
	struct sockaddr *saddr;
	int             err;
	size_t          len;
#ifdef KAME
	struct sadb_x_sa2 kamesa2;
#endif

	msg.sadb_msg_type = SADB_X_GRPSPIS;
	switch (proto1->proto) {
	case IPSEC_PROTO_IPSEC_ESP:
		msg.sadb_msg_satype = SADB_SATYPE_ESP;
		break;
	case IPSEC_PROTO_IPSEC_AH:
		msg.sadb_msg_satype = SADB_SATYPE_AH;
		break;
#if defined (SADB_X_SATYPE_IPCOMP)
	case IPSEC_PROTO_IPCOMP:
		msg.sadb_msg_satype = SADB_X_SATYPE_IPCOMP;
		break;
#endif
	default:
		log_print("pf_key_v2_group_spis: invalid proto %d",
		    proto1->proto);
		goto cleanup;
	}
	msg.sadb_msg_seq = 0;
	grpspis = pf_key_v2_msg_new(&msg, 0);
	if (!grpspis)
		goto cleanup;

	/* Setup the SA extensions.  */
	sa1.sadb_sa_exttype = SADB_EXT_SA;
	sa1.sadb_sa_len = sizeof sa1 / PF_KEY_V2_CHUNK;
	memcpy(&sa1.sadb_sa_spi, proto1->spi[incoming],
	    sizeof sa1.sadb_sa_spi);
	sa1.sadb_sa_replay = 0;
	sa1.sadb_sa_state = 0;
	sa1.sadb_sa_auth = 0;
	sa1.sadb_sa_encrypt = 0;
	sa1.sadb_sa_flags = 0;
	if (pf_key_v2_msg_add(grpspis, (struct sadb_ext *)&sa1, 0) == -1)
		goto cleanup;

#ifndef KAME
	sa2.sadb_sa_exttype = SADB_X_EXT_SA2;
	sa2.sadb_sa_len = sizeof sa2 / PF_KEY_V2_CHUNK;
	memcpy(&sa2.sadb_sa_spi, proto2->spi[incoming],
	    sizeof sa2.sadb_sa_spi);
	sa2.sadb_sa_replay = 0;
	sa2.sadb_sa_state = 0;
	sa2.sadb_sa_auth = 0;
	sa2.sadb_sa_encrypt = 0;
	sa2.sadb_sa_flags = 0;
	if (pf_key_v2_msg_add(grpspis, (struct sadb_ext *)&sa2, 0) == -1)
		goto cleanup;
#else
	memset(&kamesa2, 0, sizeof kamesa2);
	kamesa2.sadb_x_sa2_exttype = SADB_X_EXT_SA2;
	kamesa2.sadb_x_sa2_len = sizeof kamesa2 / PF_KEY_V2_CHUNK;
	kamesa2.sadb_x_sa2_mode = 0;
	if (pf_key_v2_msg_add(grpspis, (struct sadb_ext *)&kamesa2, 0) == -1)
		goto cleanup;
#endif

	/*
	 * Setup the ADDRESS extensions.
         */
	if (incoming)
		sa->transport->vtbl->get_src(sa->transport, &saddr);
	else
		sa->transport->vtbl->get_dst(sa->transport, &saddr);
	len = sizeof *addr + PF_KEY_V2_ROUND(sysdep_sa_len(saddr));
	addr = calloc(1, len);
	if (!addr)
		goto cleanup;
	addr->sadb_address_exttype = SADB_EXT_ADDRESS_DST;
	addr->sadb_address_len = len / PF_KEY_V2_CHUNK;
#ifndef __OpenBSD__
	addr->sadb_address_proto = 0;
	addr->sadb_address_prefixlen = 0;
#endif
	addr->sadb_address_reserved = 0;
	memcpy(addr + 1, saddr, sysdep_sa_len(saddr));
	((struct sockaddr_in *) (addr + 1))->sin_port = 0;
	if (pf_key_v2_msg_add(grpspis, (struct sadb_ext *) addr,
	    PF_KEY_V2_NODE_MALLOCED) == -1)
		goto cleanup;
	addr = 0;

	addr = calloc(1, len);
	if (!addr)
		goto cleanup;
	addr->sadb_address_exttype = SADB_X_EXT_DST2;
	addr->sadb_address_len = len / PF_KEY_V2_CHUNK;
#ifndef __OpenBSD__
	addr->sadb_address_proto = 0;
	addr->sadb_address_prefixlen = 0;
#endif
	addr->sadb_address_reserved = 0;
	memcpy(addr + 1, saddr, sysdep_sa_len(saddr));
	((struct sockaddr_in *) (addr + 1))->sin_port = 0;
	if (pf_key_v2_msg_add(grpspis, (struct sadb_ext *) addr,
	    PF_KEY_V2_NODE_MALLOCED) == -1)
		goto cleanup;
	addr = 0;

	/* Setup the PROTOCOL extension.  */
	protocol.sadb_protocol_exttype = SADB_X_EXT_PROTOCOL;
	protocol.sadb_protocol_len = sizeof protocol / PF_KEY_V2_CHUNK;
	switch (proto2->proto) {
	case IPSEC_PROTO_IPSEC_ESP:
		protocol.sadb_protocol_proto = SADB_SATYPE_ESP;
		break;
	case IPSEC_PROTO_IPSEC_AH:
		protocol.sadb_protocol_proto = SADB_SATYPE_AH;
		break;
#if defined (SADB_X_SATYPE_IPCOMP)
	case IPSEC_PROTO_IPCOMP:
		protocol.sadb_protocol_proto = SADB_X_SATYPE_IPCOMP;
		break;
#endif
	default:
		log_print("pf_key_v2_group_spis: invalid proto %d",
		    proto2->proto);
		goto cleanup;
	}
	protocol.sadb_protocol_reserved2 = 0;
	if (pf_key_v2_msg_add(grpspis,
	    (struct sadb_ext *)&protocol, 0) == -1)
		goto cleanup;

	ret = pf_key_v2_call(grpspis);
	pf_key_v2_msg_free(grpspis);
	grpspis = 0;
	if (!ret)
		goto cleanup;
	err = ((struct sadb_msg *)TAILQ_FIRST(ret)->seg)->sadb_msg_errno;
	if (err) {
		log_print("pf_key_v2_group_spis: GRPSPIS: %s", strerror(err));
		goto cleanup;
	}
	pf_key_v2_msg_free(ret);

	LOG_DBG((LOG_SYSDEP, 50, "pf_key_v2_group_spis: done"));

	return 0;

cleanup:
	if (addr)
		free(addr);
	if (grpspis)
		pf_key_v2_msg_free(grpspis);
	if (ret)
		pf_key_v2_msg_free(ret);
	return -1;

#else				/* SADB_X_GRPSPIS */
	log_print("pf_key_v2_group_spis: not supported in pure PF_KEYv2");
	return -1;
#endif
}