diff options
author | Jun-ichiro itojun Hagino <itojun@cvs.openbsd.org> | 2000-06-18 07:06:18 +0000 |
---|---|---|
committer | Jun-ichiro itojun Hagino <itojun@cvs.openbsd.org> | 2000-06-18 07:06:18 +0000 |
commit | 02d8e05490c74eb95c57aa4efca4c9b4e62567d4 (patch) | |
tree | 083b9708b3f157c8ebfb8c5d341f74fe5c32c17d /sys/netinet | |
parent | 2d2c29463365eb2c1088891ef6cc23c9cd839574 (diff) |
for mcdonald-simple-ipsec-api get/setsockopt, variable size was mixed up.
in some place sizeof(u_char), and in some place sizeof(int) were used.
previous code can cause problem in big endian machines.
now it always uses "int" (isakmpd uses int, so it should be okay)
set m_len properly on mcdonald-simple-ipsec-api getsockopt.
Diffstat (limited to 'sys/netinet')
-rw-r--r-- | sys/netinet/in.h | 8 | ||||
-rw-r--r-- | sys/netinet/ip_output.c | 18 |
2 files changed, 14 insertions, 12 deletions
diff --git a/sys/netinet/in.h b/sys/netinet/in.h index f5d49692ad3..9575c729309 100644 --- a/sys/netinet/in.h +++ b/sys/netinet/in.h @@ -1,4 +1,4 @@ -/* $OpenBSD: in.h,v 1.39 2000/05/25 01:22:00 itojun Exp $ */ +/* $OpenBSD: in.h,v 1.40 2000/06/18 07:06:13 itojun Exp $ */ /* $NetBSD: in.h,v 1.20 1996/02/13 23:41:47 christos Exp $ */ /* @@ -255,9 +255,9 @@ struct ip_opts { /* 14-17 left empty for future compatibility with FreeBSD */ #define IP_PORTRANGE 19 /* int; range to choose for unspec port */ -#define IP_AUTH_LEVEL 20 /* u_char; authentication used */ -#define IP_ESP_TRANS_LEVEL 21 /* u_char; transport encryption */ -#define IP_ESP_NETWORK_LEVEL 22 /* u_char; full-packet encryption */ +#define IP_AUTH_LEVEL 20 /* int; authentication used */ +#define IP_ESP_TRANS_LEVEL 21 /* int; transport encryption */ +#define IP_ESP_NETWORK_LEVEL 22 /* int; full-packet encryption */ #define IPSEC_OUTSA 39 /* set the outbound SA for a socket */ diff --git a/sys/netinet/ip_output.c b/sys/netinet/ip_output.c index 208dec0dd97..aaaec85b491 100644 --- a/sys/netinet/ip_output.c +++ b/sys/netinet/ip_output.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ip_output.c,v 1.72 2000/06/17 23:50:45 angelos Exp $ */ +/* $OpenBSD: ip_output.c,v 1.73 2000/06/18 07:06:17 itojun Exp $ */ /* $NetBSD: ip_output.c,v 1.28 1996/02/13 23:43:07 christos Exp $ */ /* @@ -944,7 +944,7 @@ ip_ctloutput(op, so, level, optname, mp) error = EINVAL; break; } - optval = *mtod(m, u_char *); + optval = *mtod(m, int *); if (optval < IPSEC_LEVEL_BYPASS || optval > IPSEC_LEVEL_UNIQUE) { @@ -1086,20 +1086,22 @@ ip_ctloutput(op, so, level, optname, mp) case IP_ESP_TRANS_LEVEL: case IP_ESP_NETWORK_LEVEL: #ifndef IPSEC + m->m_len = sizeof(int); *mtod(m, int *) = IPSEC_LEVEL_NONE; #else + m->m_len = sizeof(int); switch (optname) { case IP_AUTH_LEVEL: - optval = inp->inp_seclevel[SL_AUTH]; - break; + optval = inp->inp_seclevel[SL_AUTH]; + break; case IP_ESP_TRANS_LEVEL: - optval = inp->inp_seclevel[SL_ESP_TRANS]; - break; + optval = inp->inp_seclevel[SL_ESP_TRANS]; + break; case IP_ESP_NETWORK_LEVEL: - optval = inp->inp_seclevel[SL_ESP_NETWORK]; - break; + optval = inp->inp_seclevel[SL_ESP_NETWORK]; + break; } *mtod(m, int *) = optval; #endif |