From b8c0399111efbae21b835abc6b0072032aaf47c7 Mon Sep 17 00:00:00 2001 From: "Angelos D. Keromytis" Date: Wed, 30 May 2001 10:49:50 +0000 Subject: Check the LOCAL_AUTH payload. --- sys/net/pfkeyv2_parsemessage.c | 21 ++++++++++++++++++--- 1 file changed, 18 insertions(+), 3 deletions(-) (limited to 'sys/net/pfkeyv2_parsemessage.c') diff --git a/sys/net/pfkeyv2_parsemessage.c b/sys/net/pfkeyv2_parsemessage.c index 0948674f8e9..88085515928 100644 --- a/sys/net/pfkeyv2_parsemessage.c +++ b/sys/net/pfkeyv2_parsemessage.c @@ -60,9 +60,10 @@ you didn't get a copy, you may request one from . #define BITMAP_X_SA2 (1 << SADB_X_EXT_SA2) #define BITMAP_X_DST2 (1 << SADB_X_EXT_DST2) #define BITMAP_X_POLICY (1 << SADB_X_EXT_POLICY) -#define BITMAP_X_LOCAL_CREDENTIALS (1 << SADB_X_EXT_LOCAL_CREDENTIALS) -#define BITMAP_X_REMOTE_CREDENTIALS (1 << SADB_X_EXT_REMOTE_CREDENTIALS) -#define BITMAP_X_CREDENTIALS (BITMAP_X_LOCAL_CREDENTIALS | BITMAP_X_REMOTE_CREDENTIALS) +#define BITMAP_X_LOCAL_CREDENTIALS (1 << SADB_X_EXT_LOCAL_CREDENTIALS) +#define BITMAP_X_REMOTE_CREDENTIALS (1 << SADB_X_EXT_REMOTE_CREDENTIALS) +#define BITMAP_X_LOCAL_AUTH (1 << SADB_X_EXT_LOCAL_AUTH) +#define BITMAP_X_CREDENTIALS (BITMAP_X_LOCAL_CREDENTIALS | BITMAP_X_REMOTE_CREDENTIALS | BITMAP_X_LOCAL_AUTH) #define BITMAP_X_FLOW (BITMAP_X_SRC_MASK | BITMAP_X_DST_MASK | BITMAP_X_PROTOCOL | BITMAP_X_SRC_FLOW | BITMAP_X_DST_FLOW) uint32_t sadb_exts_allowed_in[SADB_MAX+1] = @@ -418,6 +419,20 @@ pfkeyv2_parsemessage(void *p, int len, void **headers) return EINVAL; } break; + case SADB_X_EXT_LOCAL_AUTH: + { + struct sadb_cred *sadb_cred = (struct sadb_cred *)p; + + if (i < sizeof(struct sadb_cred)) + return EINVAL; + + if (sadb_cred->sadb_cred_type > SADB_AUTHTYPE_MAX) + return EINVAL; + + if (sadb_cred->sadb_cred_reserved) + return EINVAL; + } + break; case SADB_X_EXT_LOCAL_CREDENTIALS: case SADB_X_EXT_REMOTE_CREDENTIALS: { -- cgit v1.2.3