diff options
Diffstat (limited to 'sbin/ipf/opt.c')
| -rw-r--r-- | sbin/ipf/opt.c | 109 |
1 files changed, 76 insertions, 33 deletions
diff --git a/sbin/ipf/opt.c b/sbin/ipf/opt.c index 3f0da9f0274..1e65c9bd0e0 100644 --- a/sbin/ipf/opt.c +++ b/sbin/ipf/opt.c @@ -1,6 +1,6 @@ -/* $OpenBSD: opt.c,v 1.7 1997/06/23 17:11:28 kstailey Exp $ */ +/* $OpenBSD: opt.c,v 1.8 1998/01/26 04:13:37 dgregor Exp $ */ /* - * (C)opyright 1993,1994,1995 by Darren Reed. + * Copyright (C) 1993-1997 by Darren Reed. * * Redistribution and use in source and binary forms are permitted * provided that this notice is preserved and due credit is given @@ -8,23 +8,27 @@ */ #include <stdio.h> #include <string.h> +#include <stdlib.h> #include <sys/types.h> #include <sys/time.h> #include <sys/socket.h> #include <netinet/in.h> #include <netinet/in_systm.h> #include <netinet/ip.h> +#ifndef linux #include <netinet/ip_var.h> +#endif #include <netinet/tcp.h> -#include <netinet/tcpip.h> #include <net/if.h> +#include <arpa/inet.h> #include "ip_fil_compat.h" +#include <netinet/tcpip.h> #include "ip_fil.h" #include "ipf.h" -#ifndef lint -static char sccsid[] = "@(#)opt.c 1.8 4/10/96 (C) 1993-1995 Darren Reed"; -static char rcsid[] = "$DRId: opt.c,v 2.0.1.1 1997/01/09 15:14:44 darrenr Exp $"; +#if !defined(lint) +static const char sccsid[] = "@(#)opt.c 1.8 4/10/96 (C) 1993-1995 Darren Reed"; +static const char rcsid[] = "@(#)$Id: opt.c,v 1.8 1998/01/26 04:13:37 dgregor Exp $"; #endif extern int opts; @@ -66,6 +70,9 @@ struct ipopt_names secclass[] = { }; +static u_char seclevel __P((char *)); +int addipopt __P((char *, struct ipopt_names *, int, char *)); + static u_char seclevel(slevel) char *slevel; { @@ -83,14 +90,70 @@ char *slevel; } -u_long buildopts(cp, op) +int addipopt(op, io, len, class) +char *op; +struct ipopt_names *io; +int len; +char *class; +{ + int olen = len; + struct in_addr ipadr; + u_short val; + u_char lvl; + char *s; + + if ((len + io->on_siz) > 48) { + fprintf(stderr, "options too long\n"); + return 0; + } + len += io->on_siz; + *op++ = io->on_value; + if (io->on_siz > 1) { + s = op; + *op++ = io->on_siz; + *op++ = IPOPT_MINOFF; + + if (class) { + switch (io->on_value) + { + case IPOPT_SECURITY : + lvl = seclevel(class); + *(op - 1) = lvl; + break; + case IPOPT_LSRR : + case IPOPT_SSRR : + ipadr.s_addr = inet_addr(class); + s[IPOPT_OLEN] = IPOPT_MINOFF - 1 + 4; + bcopy((char *)&ipadr, op, sizeof(ipadr)); + break; + case IPOPT_SATID : + val = atoi(class); + bcopy((char *)&val, op, 2); + break; + } + } + + op += io->on_siz - 3; + if (len & 3) { + *op++ = IPOPT_NOP; + len++; + } + } + if (opts & OPT_DEBUG) + fprintf(stderr, "bo: %s %d %#x: %d\n", + io->on_name, io->on_value, io->on_bit, len); + return len - olen; +} + + +u_32_t buildopts(cp, op, len) char *cp, *op; +int len; { struct ipopt_names *io; - u_char lvl; - u_long msk = 0; + u_32_t msk = 0; char *s, *t; - int len = 0; + int inc; for (s = strtok(cp, ","); s; s = strtok(NULL, ",")) { if ((t = strchr(s, '='))) @@ -98,30 +161,10 @@ char *cp, *op; for (io = ionames; io->on_name; io++) { if (strcasecmp(s, io->on_name) || (msk & io->on_bit)) continue; - if ((len + io->on_siz) > 48) { - fprintf(stderr, "options too long\n"); - return 0; - } - len += io->on_siz; - *op++ = io->on_value; - if (io->on_siz > 1) { - *op++ = io->on_siz; - *op++ = IPOPT_MINOFF; - - if (t && !strcasecmp(s, "sec-class")) { - lvl = seclevel(t); - *(op - 1) = lvl; - } - op += io->on_siz - 3; - if (len & 3) { - *op++ = IPOPT_NOP; - len++; - } + if ((inc = addipopt(op, io, len, t))) { + op += inc; + len += inc; } - if (opts & OPT_DEBUG) - fprintf(stderr, "bo: %s %d %#x: %d\n", - io->on_name, io->on_value, - io->on_bit, len); msk |= io->on_bit; break; } |