authorAngelos D. Keromytis <angelos@cvs.openbsd.org>2000-09-19 08:39:00 +0000
committerAngelos D. Keromytis <angelos@cvs.openbsd.org>2000-09-19 08:39:00 +0000
commitd3026f129bc99d3b82aaf1e351f30940f55e7537 (patch)
tree6bd2e933f2025b2d62d9db9ea5a8373af6fa4030 /sys/net
parent93b5af72ed98d24aa109b4f1f0adbf022b791691 (diff)
SA bundles.
Diffstat (limited to 'sys/net')
-rw-r--r--sys/net/pfkeyv2.c60
-rw-r--r--sys/net/pfkeyv2.h7
-rw-r--r--sys/net/pfkeyv2_parsemessage.c12
3 files changed, 75 insertions, 4 deletions
diff --git a/sys/net/pfkeyv2.c b/sys/net/pfkeyv2.c
index b3dfdd3ee20..20e1ed50741 100644
--- a/sys/net/pfkeyv2.c
+++ b/sys/net/pfkeyv2.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: pfkeyv2.c,v 1.41 2000/09/19 04:23:13 angelos Exp $ */
+/* $OpenBSD: pfkeyv2.c,v 1.42 2000/09/19 08:38:58 angelos Exp $ */
/*
%%% copyright-nrl-97
This software is Copyright 1997-1998 by Randall Atkinson, Ronald Lee,
@@ -1407,7 +1407,63 @@ pfkeyv2_send(struct socket *socket, void *message, int len)
break;
-
+ case SADB_X_GRPSPIS:
+ {
+ struct tdb *tdb1, *tdb2, *tdb3;
+ struct sadb_protocol *sa_proto;
+
+ ssa = (struct sadb_sa *) headers[SADB_EXT_SA];
+ sunionp = (union sockaddr_union *) (headers[SADB_EXT_ADDRESS_DST] +
+ sizeof(struct sadb_address));
+
+ s = spltdb();
+
+ tdb1 = gettdb(ssa->sadb_sa_spi, sunionp,
+ SADB_GETSPROTO(smsg->sadb_msg_satype));
+ if (tdb1 == NULL)
+ {
+ rval = ESRCH;
+ goto splxret;
+ }
+
+ ssa = (struct sadb_sa *) headers[SADB_X_EXT_SA2];
+ sunionp = (union sockaddr_union *) (headers[SADB_X_EXT_DST2] +
+ sizeof(struct sadb_address));
+ sa_proto = ((struct sadb_protocol *) headers[SADB_X_EXT_PROTOCOL]);
+
+ tdb2 = gettdb(ssa->sadb_sa_spi, sunionp,
+ SADB_GETSPROTO(sa_proto->sadb_protocol_proto));
+ if (tdb2 == NULL)
+ {
+ rval = ESRCH;
+ goto splxret;
+ }
+
+ /* Detect cycles */
+ for (tdb3 = tdb2; tdb3; tdb3 = tdb3->tdb_onext)
+ if (tdb3 == tdb1)
+ {
+ rval = ESRCH;
+ goto splxret;
+ }
+
+ /* Maintenance */
+ if ((tdb1->tdb_onext) &&
+ (tdb1->tdb_onext->tdb_inext == tdb1))
+ tdb1->tdb_onext->tdb_inext = NULL;
+
+ if ((tdb2->tdb_inext) &&
+ (tdb2->tdb_inext->tdb_onext == tdb2))
+ tdb2->tdb_inext->tdb_onext = NULL;
+
+ /* Link them */
+ tdb1->tdb_onext = tdb2;
+ tdb2->tdb_inext = tdb1;
+
+ splx(s);
+ }
+ break;
+
case SADB_X_DELFLOW:
delflag = 1; /* fall through */
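Review bot: The `/* Detect cycles */` branch of the new `SADB_X_GRPSPIS` case returns `ESRCH`, the same value the two failed `gettdb()` lookups above it return, so the key-management daemon cannot tell a missing SA from a request refused because it would create a loop; `rval = EINVAL;` in that branch would separate the two. The case also stores raw `tdb_onext`/`tdb_inext` pointers between two TDBs, and nothing visible here shows the SA delete or expiry path clearing them. That code lies outside sys/net and is not shown on this page, so it should be confirmed that freeing either SA unlinks its neighbour; otherwise the surviving TDB keeps a dangling pointer that the next cycle walk or bundle traversal would follow. pfkeyv2_send starts and ends outside this hunk, including the `splxret` label the error paths jump to.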
diff --git a/sys/net/pfkeyv2.h b/sys/net/pfkeyv2.h
index 9a6fcb9a300..1346d73e677 100644
--- a/sys/net/pfkeyv2.h
+++ b/sys/net/pfkeyv2.h
@@ -28,7 +28,8 @@ didn't get a copy, you may request one from <license@ipv6.nrl.navy.mil>.
#define SADB_X_PROMISC 11
#define SADB_X_ADDFLOW 12
#define SADB_X_DELFLOW 13
-#define SADB_MAX 13
+#define SADB_X_GRPSPIS 14
+#define SADB_MAX 14
struct sadb_msg {
uint8_t sadb_msg_version;
@@ -183,7 +184,9 @@ struct sadb_protocol {
#define SADB_X_EXT_FLOW_TYPE 19
#define SADB_X_EXT_SRC_FLOW 20
#define SADB_X_EXT_DST_FLOW 21
-#define SADB_EXT_MAX 21
+#define SADB_X_EXT_SA2 22
+#define SADB_X_EXT_DST2 23
+#define SADB_EXT_MAX 23
/* Fix pfkeyv2.c struct pfkeyv2_socket if SATYPE_MAX > 31 */
#define SADB_SATYPE_UNSPEC 0
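Review bot: The two new extension ids are added without any comment on what they carry, and their roles are not obvious from the names. Going by the pfkeyv2.c handler, `SADB_X_EXT_SA2` and `SADB_X_EXT_DST2` hold the SPI and destination address of the second SA in a `SADB_X_GRPSPIS` request, and `SADB_X_EXT_PROTOCOL` is reused to carry that SA's type. Trailing comments such as `/* SPI of second SA (SADB_X_GRPSPIS) */` and `/* destination of second SA (SADB_X_GRPSPIS) */` on the two defines would record that, and a matching note beside `SADB_X_GRPSPIS` in the first hunk of this file would list the extensions the message requires.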
diff --git a/sys/net/pfkeyv2_parsemessage.c b/sys/net/pfkeyv2_parsemessage.c
index 907c26cfb61..157e46609ec 100644
--- a/sys/net/pfkeyv2_parsemessage.c
+++ b/sys/net/pfkeyv2_parsemessage.c
@@ -56,6 +56,8 @@ you didn't get a copy, you may request one from <license@inner.net>.
#define BITMAP_X_SRC_FLOW (1 << SADB_X_EXT_SRC_FLOW)
#define BITMAP_X_DST_FLOW (1 << SADB_X_EXT_DST_FLOW)
#define BITMAP_X_FLOW_TYPE (1 << SADB_X_EXT_FLOW_TYPE)
+#define BITMAP_X_SA2 (1 << SADB_X_EXT_SA2)
+#define BITMAP_X_DST2 (1 << SADB_X_EXT_DST2)
uint32_t sadb_exts_allowed_in[SADB_MAX+1] =
{
@@ -87,6 +89,8 @@ uint32_t sadb_exts_allowed_in[SADB_MAX+1] =
BITMAP_ADDRESS_SRC | BITMAP_ADDRESS_DST | BITMAP_SA | BITMAP_X_SRC_MASK | BITMAP_X_DST_MASK | BITMAP_X_PROTOCOL | BITMAP_X_SRC_FLOW | BITMAP_X_DST_FLOW | BITMAP_X_FLOW_TYPE,
/* X_DELFLOW */
BITMAP_X_SRC_MASK | BITMAP_X_DST_MASK | BITMAP_X_PROTOCOL | BITMAP_X_SRC_FLOW | BITMAP_X_DST_FLOW | BITMAP_SA | BITMAP_ADDRESS_DST | BITMAP_X_FLOW_TYPE,
+ /* X_GRPSPIS */
+ BITMAP_SA | BITMAP_X_SA2 | BITMAP_X_DST2 | BITMAP_ADDRESS_DST | BITMAP_X_PROTOCOL,
};
uint32_t sadb_exts_required_in[SADB_MAX+1] =
@@ -119,6 +123,8 @@ uint32_t sadb_exts_required_in[SADB_MAX+1] =
BITMAP_X_SRC_MASK | BITMAP_X_DST_MASK | BITMAP_X_SRC_FLOW | BITMAP_X_DST_FLOW | BITMAP_X_FLOW_TYPE,
/* X_DELFLOW */
BITMAP_X_SRC_MASK | BITMAP_X_DST_MASK | BITMAP_X_SRC_FLOW | BITMAP_X_DST_FLOW | BITMAP_X_FLOW_TYPE,
+ /* X_GRPSPIS */
+ BITMAP_SA | BITMAP_X_SA2 | BITMAP_X_DST2 | BITMAP_ADDRESS_DST | BITMAP_X_PROTOCOL,
};
uint32_t sadb_exts_allowed_out[SADB_MAX+1] =
@@ -151,6 +157,8 @@ uint32_t sadb_exts_allowed_out[SADB_MAX+1] =
BITMAP_ADDRESS_SRC | BITMAP_ADDRESS_DST | BITMAP_SA | BITMAP_X_SRC_MASK | BITMAP_X_DST_MASK | BITMAP_X_PROTOCOL | BITMAP_X_SRC_FLOW | BITMAP_X_DST_FLOW | BITMAP_X_FLOW_TYPE,
/* X_DELFLOW */
BITMAP_X_SRC_MASK | BITMAP_X_DST_MASK | BITMAP_X_PROTOCOL | BITMAP_X_SRC_FLOW | BITMAP_X_DST_FLOW | BITMAP_SA | BITMAP_ADDRESS_DST | BITMAP_X_FLOW_TYPE,
+ /* X_GRPSPIS */
+ BITMAP_SA | BITMAP_X_SA2 | BITMAP_X_DST2 | BITMAP_ADDRESS_DST | BITMAP_X_PROTOCOL,
};
uint32_t sadb_exts_required_out[SADB_MAX+1] =
@@ -183,6 +191,8 @@ uint32_t sadb_exts_required_out[SADB_MAX+1] =
BITMAP_X_SRC_MASK | BITMAP_X_DST_MASK | BITMAP_X_SRC_FLOW | BITMAP_X_DST_FLOW | BITMAP_X_FLOW_TYPE,
/* X_DELFLOW */
BITMAP_X_SRC_MASK | BITMAP_X_DST_MASK | BITMAP_X_SRC_FLOW | BITMAP_X_DST_FLOW | BITMAP_X_FLOW_TYPE,
+ /* X_GRPSPIS */
+ BITMAP_SA | BITMAP_X_SA2 | BITMAP_X_DST2 | BITMAP_ADDRESS_DST | BITMAP_X_PROTOCOL,
};
int pfkeyv2_parsemessage(void *, int, void **);
@@ -259,6 +269,7 @@ pfkeyv2_parsemessage(void *p, int len, void **headers)
switch (sadb_ext->sadb_ext_type) {
case SADB_EXT_SA:
+ case SADB_X_EXT_SA2:
{
struct sadb_sa *sadb_sa = (struct sadb_sa *)p;
@@ -300,6 +311,7 @@ pfkeyv2_parsemessage(void *p, int len, void **headers)
case SADB_X_EXT_DST_MASK:
case SADB_X_EXT_SRC_FLOW:
case SADB_X_EXT_DST_FLOW:
+ case SADB_X_EXT_DST2:
case SADB_EXT_ADDRESS_PROXY:
{
struct sadb_address *sadb_address = (struct sadb_address *)p;