d/freebsd-skq
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Fixed the value of the prefixlen in the sadb_address structure.

Browse Source 
When pfkey message relative to SA is sent, the prefixlen was incorrect.

Obtained from:	KAME
MFC after:	1 week
This commit is contained in:
ume 2001-10-22 20:19:47 +00:00
parent 9ecacc3d02
commit 4ec2993d48
1 changed files with 20 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

28
sys/netkey/key.c
View File

@ -111,6 +111,8 @@
#define satosin(s) ((struct sockaddr_in *)s)
#endif
#define FULLMASK 0xff
/*
* Note on SA reference counting:
* - SAs that are not in DEAD state will have (total external reference + 1)
@ -3426,7 +3428,7 @@ key_setdumpsa(sav, type, satype, seq, pid)
case SADB_EXT_ADDRESS_SRC:
m = key_setsadbaddr(SADB_EXT_ADDRESS_SRC,
(struct sockaddr *)&sav->sah->saidx.src,
sav->sah->saidx.src.ss_len << 3, IPSEC_ULPROTO_ANY);
FULLMASK, IPSEC_ULPROTO_ANY);
if (!m)
goto fail;
break;
@ -3434,7 +3436,7 @@ key_setdumpsa(sav, type, satype, seq, pid)
case SADB_EXT_ADDRESS_DST:
m = key_setsadbaddr(SADB_EXT_ADDRESS_DST,
(struct sockaddr *)&sav->sah->saidx.dst,
sav->sah->saidx.dst.ss_len << 3, IPSEC_ULPROTO_ANY);
FULLMASK, IPSEC_ULPROTO_ANY);
if (!m)
goto fail;
break;
@ -3636,6 +3638,18 @@ key_setsadbaddr(exttype, saddr, prefixlen, ul_proto)
p->sadb_address_len = PFKEY_UNIT64(len);
p->sadb_address_exttype = exttype;
p->sadb_address_proto = ul_proto;
if (prefixlen == FULLMASK) {
switch (saddr->sa_family) {
case AF_INET:
prefixlen = sizeof(struct in_addr) << 3;
break;
case AF_INET6:
prefixlen = sizeof(struct in6_addr) << 3;
break;
default:
; /*XXX*/
}
}
p->sadb_address_prefixlen = prefixlen;
p->sadb_address_reserved = 0;
@ -5916,8 +5930,7 @@ key_acquire(saidx, sp)
/* set sadb_address for saidx's. */
m = key_setsadbaddr(SADB_EXT_ADDRESS_SRC,
(struct sockaddr *)&saidx->src, saidx->src.ss_len << 3,
IPSEC_ULPROTO_ANY);
(struct sockaddr *)&saidx->src, FULLMASK, IPSEC_ULPROTO_ANY);
if (!m) {
error = ENOBUFS;
goto fail;
@ -5925,8 +5938,7 @@ key_acquire(saidx, sp)
m_cat(result, m);
m = key_setsadbaddr(SADB_EXT_ADDRESS_DST,
(struct sockaddr *)&saidx->dst, saidx->dst.ss_len << 3,
IPSEC_ULPROTO_ANY);
(struct sockaddr *)&saidx->dst, FULLMASK, IPSEC_ULPROTO_ANY);
if (!m) {
error = ENOBUFS;
goto fail;
@ -6558,7 +6570,7 @@ key_expire(sav)
/* set sadb_address for source */
m = key_setsadbaddr(SADB_EXT_ADDRESS_SRC,
(struct sockaddr *)&sav->sah->saidx.src,
sav->sah->saidx.src.ss_len << 3, IPSEC_ULPROTO_ANY);
FULLMASK, IPSEC_ULPROTO_ANY);
if (!m) {
error = ENOBUFS;
goto fail;
@ -6568,7 +6580,7 @@ key_expire(sav)
/* set sadb_address for destination */
m = key_setsadbaddr(SADB_EXT_ADDRESS_DST,
(struct sockaddr *)&sav->sah->saidx.dst,
sav->sah->saidx.dst.ss_len << 3, IPSEC_ULPROTO_ANY);
FULLMASK, IPSEC_ULPROTO_ANY);
if (!m) {
error = ENOBUFS;
goto fail;