diff options
| author | Niels Provos <provos@cvs.openbsd.org> | 1997-06-25 07:53:30 +0000 |
|---|---|---|
| committer | Niels Provos <provos@cvs.openbsd.org> | 1997-06-25 07:53:30 +0000 |
| commit | 2c9ded294a4d953f480eee2306fa97f79e827527 (patch) | |
| tree | 082b2f37de03d91c07920aaef2b13e620ab25793 /sys/netinet/ip_ahmd5.c | |
| parent | eb51828dafd060aca283723aefa09b27ede1e79b (diff) | |
hard and soft limits for SPI's per absolute timer, relative since establish,
relative since first use timers, packet and byte counters. notify key mgmt
on soft limits. key mgmt can now specify limits. new encap messages:
EMT_RESERVESPI, EMT_ENABLESPI, EMT_DISABLESPI
Diffstat (limited to 'sys/netinet/ip_ahmd5.c')
| -rw-r--r-- | sys/netinet/ip_ahmd5.c | 26 |
1 files changed, 15 insertions, 11 deletions
diff --git a/sys/netinet/ip_ahmd5.c b/sys/netinet/ip_ahmd5.c index ce3a9143220..e19b596f172 100644 --- a/sys/netinet/ip_ahmd5.c +++ b/sys/netinet/ip_ahmd5.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ip_ahmd5.c,v 1.8 1997/06/24 20:57:25 provos Exp $ */ +/* $OpenBSD: ip_ahmd5.c,v 1.9 1997/06/25 07:53:23 provos Exp $ */ /* * The author of this code is John Ioannidis, ji@tla.org, @@ -195,24 +195,28 @@ ahmd5_input(struct mbuf *m, struct tdb *tdb) switch (optval) { case IPOPT_EOL: + MD5Update(&ctx, ipseczeroes, 1); + off = ip->ip_hl << 2; + break; + case IPOPT_NOP: MD5Update(&ctx, ipseczeroes, 1); off++; - continue; - + break; + case IPOPT_SECURITY: case 133: case 134: optval = ((u_int8_t *)ip)[off + 1]; MD5Update(&ctx, (u_int8_t *)ip + off, optval); off += optval; - continue; - + break; + default: optval = ((u_int8_t *)ip)[off + 1]; MD5Update(&ctx, ipseczeroes, optval); off += optval; - continue; + break; } } @@ -280,8 +284,8 @@ ahmd5_input(struct mbuf *m, struct tdb *tdb) ip->ip_sum = in_cksum(m, sizeof (struct ip)); /* Update the counters */ - tdb->tdb_packets++; - tdb->tdb_bytes += ntohs(ip->ip_len) - (ip->ip_hl << 2); + tdb->tdb_cur_packets++; + tdb->tdb_cur_bytes += ntohs(ip->ip_len) - (ip->ip_hl << 2); return m; } @@ -403,9 +407,9 @@ ahmd5_output(struct mbuf *m, struct sockaddr_encap *gw, struct tdb *tdb, struct *mp = m; /* Update the counters */ - tdb->tdb_packets++; - tdb->tdb_bytes += ip->ip_len - (ip->ip_hl << 2) - AH_FLENGTH - - xd->amx_alen; + tdb->tdb_cur_packets++; + tdb->tdb_cur_bytes += ip->ip_len - (ip->ip_hl << 2) - AH_FLENGTH - + xd->amx_alen; return 0; } |