IPF 3.2.3

1 files changed, 76 insertions, 33 deletions

diff --git a/sbin/ipf/opt.c b/sbin/ipf/opt.c
index 3f0da9f0274..1e65c9bd0e0 100644
--- a/sbin/ipf/opt.c
+++ b/sbin/ipf/opt.c
@@ -1,6 +1,6 @@
-/*	$OpenBSD: opt.c,v 1.7 1997/06/23 17:11:28 kstailey Exp $	*/
+/*     $OpenBSD: opt.c,v 1.8 1998/01/26 04:13:37 dgregor Exp $      */
 /*
- * (C)opyright 1993,1994,1995 by Darren Reed.
+ * Copyright (C) 1993-1997 by Darren Reed.
  *
  * Redistribution and use in source and binary forms are permitted
  * provided that this notice is preserved and due credit is given
@@ -8,23 +8,27 @@
  */
 #include <stdio.h>
 #include <string.h>
+#include <stdlib.h>
 #include <sys/types.h>
 #include <sys/time.h>
 #include <sys/socket.h>
 #include <netinet/in.h>
 #include <netinet/in_systm.h>
 #include <netinet/ip.h>
+#ifndef	linux
 #include <netinet/ip_var.h>
+#endif
 #include <netinet/tcp.h>
-#include <netinet/tcpip.h>
 #include <net/if.h>
+#include <arpa/inet.h>
 #include "ip_fil_compat.h"
+#include <netinet/tcpip.h>
 #include "ip_fil.h"
 #include "ipf.h"
 
-#ifndef	lint
-static	char	sccsid[] = "@(#)opt.c	1.8 4/10/96 (C) 1993-1995 Darren Reed";
-static	char	rcsid[] = "$DRId: opt.c,v 2.0.1.1 1997/01/09 15:14:44 darrenr Exp $";
+#if !defined(lint)
+static const char sccsid[] = "@(#)opt.c	1.8 4/10/96 (C) 1993-1995 Darren Reed";
+static const char rcsid[] = "@(#)$Id: opt.c,v 1.8 1998/01/26 04:13:37 dgregor Exp $";
 #endif
 
 extern	int	opts;
@@ -66,6 +70,9 @@ struct	ipopt_names	secclass[] = {
 };
 
 
+static	u_char	seclevel __P((char *));
+int addipopt __P((char *, struct ipopt_names *, int, char *));
+
 static u_char seclevel(slevel)
 char *slevel;
 {
@@ -83,14 +90,70 @@ char *slevel;
 }
 
 
-u_long buildopts(cp, op)
+int addipopt(op, io, len, class)
+char *op;
+struct ipopt_names *io;
+int len;
+char *class;
+{
+	int olen = len;
+	struct in_addr ipadr;
+	u_short val;
+	u_char lvl;
+	char *s;
+
+	if ((len + io->on_siz) > 48) {
+		fprintf(stderr, "options too long\n");
+		return 0;
+	}
+	len += io->on_siz;
+	*op++ = io->on_value;
+	if (io->on_siz > 1) {
+		s = op;
+		*op++ = io->on_siz;
+		*op++ = IPOPT_MINOFF;
+
+		if (class) {
+			switch (io->on_value)
+			{
+			case IPOPT_SECURITY :
+				lvl = seclevel(class);
+				*(op - 1) = lvl;
+				break;
+			case IPOPT_LSRR :
+			case IPOPT_SSRR :
+				ipadr.s_addr = inet_addr(class);
+				s[IPOPT_OLEN] = IPOPT_MINOFF - 1 + 4;
+				bcopy((char *)&ipadr, op, sizeof(ipadr));
+				break;
+			case IPOPT_SATID :
+				val = atoi(class);
+				bcopy((char *)&val, op, 2);
+				break;
+			}
+		}
+
+		op += io->on_siz - 3;
+		if (len & 3) {
+			*op++ = IPOPT_NOP;
+			len++;
+		}
+	}
+	if (opts & OPT_DEBUG)
+		fprintf(stderr, "bo: %s %d %#x: %d\n",
+			io->on_name, io->on_value, io->on_bit, len);
+	return len - olen;
+}
+
+
+u_32_t buildopts(cp, op, len)
 char *cp, *op;
+int len;
 {
 	struct ipopt_names *io;
-	u_char lvl;
-	u_long msk = 0;
+	u_32_t msk = 0;
 	char *s, *t;
-	int len = 0;
+	int inc;
 
 	for (s = strtok(cp, ","); s; s = strtok(NULL, ",")) {
 		if ((t = strchr(s, '=')))
@@ -98,30 +161,10 @@ char *cp, *op;
 		for (io = ionames; io->on_name; io++) {
 			if (strcasecmp(s, io->on_name) || (msk & io->on_bit))
 				continue;
-			if ((len + io->on_siz) > 48) {
-				fprintf(stderr, "options too long\n");
-				return 0;
-			}
-			len += io->on_siz;
-			*op++ = io->on_value;
-			if (io->on_siz > 1) {
-				*op++ = io->on_siz;
-				*op++ = IPOPT_MINOFF;
-
-				if (t && !strcasecmp(s, "sec-class")) {
-					lvl = seclevel(t);
-					*(op - 1) = lvl;
-				}
-				op += io->on_siz - 3;
-				if (len & 3) {
-					*op++ = IPOPT_NOP;
-					len++;
-				}
+			if ((inc = addipopt(op, io, len, t))) {
+				op += inc;
+				len += inc;
 			}
-			if (opts & OPT_DEBUG)
-				fprintf(stderr, "bo: %s %d %#x: %d\n",
-					io->on_name, io->on_value,
-					io->on_bit, len);
 			msk |= io->on_bit;
 			break;
 		}