netdev
[Top] [All Lists]

Re: [PATCH] IPv6 IPsec support

To: "David S. Miller" <davem@xxxxxxxxxx>
Subject: Re: [PATCH] IPv6 IPsec support
From: Mitsuru KANDA / 神田 充 <mk@xxxxxxxxxx>
Date: Thu, 20 Feb 2003 01:56:48 +0900
Cc: kunihiro@xxxxxxxxxxxxxx, kuznet@xxxxxxxxxxxxx, netdev@xxxxxxxxxxx, usagi-core@xxxxxxxxxxxxxx
In-reply-to: <20030218.233301.98333082.davem@xxxxxxxxxx>
References: <20030219134850.5f203ea7.Kazunori.Miyazawa@xxxxxxxxxxxxxxx> <20030218.233301.98333082.davem@xxxxxxxxxx>
Sender: netdev-bounce@xxxxxxxxxxx
User-agent: User-Agent: Wanderlust/2.10.0 (Venus) Emacs/21.2 Mule/5.0 (SAKAKI)
Hello David,

> 1) Please, can you split out seperate patch for changes
>    to net/ipv4/xfrm_user.c?  They are independant.
> 
>    Kunihiro sent me identical patch, so please could you
>    add him to credits in comment?  Thank you.
I attached xfrm_user.c patch below.


Just FYI, 
the IPv6 part of this patch depends xfrm6_state_lookup().

Sincerely,

Mitsuru KANDA (mk@xxxxxxxxxx)
 USAGI Project (mk@xxxxxxxxxxxxxx)



diff -uNr linux-2.5.62.org/net/ipv4/xfrm_user.c 
linux-2.5.62/net/ipv4/xfrm_user.c
--- linux-2.5.62.org/net/ipv4/xfrm_user.c       2003-02-18 07:56:17.000000000 
+0900
+++ linux-2.5.62/net/ipv4/xfrm_user.c   2003-02-20 00:00:57.000000000 +0900
@@ -1,6 +1,13 @@
 /* xfrm_user.c: User interface to configure xfrm engine.
  *
  * Copyright (C) 2002 David S. Miller (davem@xxxxxxxxxx)
+ *
+ * Changes
+ *
+ *     Mitsuru KANDA @USAGI       : IPv6 Support 
+ *     Kazunori MIYAZAWA @USAGI   :
+ *     Kunihiro Ishiguro          :
+ *     
  */
 
 #include <linux/module.h>
@@ -17,6 +24,9 @@
 #include <linux/ipsec.h>
 #include <linux/init.h>
 #include <linux/security.h>
+#if defined(CONFIG_IPV6) || defined(CONFIG_IPV6_MODULE)
+#include <linux/in6.h>
+#endif
 #include <net/sock.h>
 #include <net/xfrm.h>
 
@@ -63,11 +73,13 @@
        case AF_INET:
                break;
 
-       case AF_INET6: /* XXX */
-               err = -EAFNOSUPPORT;
+#if defined(CONFIG_IPV6) || defined(CONFIG_IPV6_MODULE)
+       case AF_INET6:
+               break;
+#endif
 
-               /* fallthru */
        default:
+               err = -EAFNOSUPPORT;
                goto out;
        };
 
@@ -206,8 +218,21 @@
        if (!x)
                return err;
 
-       x1 = xfrm_state_lookup(x->props.saddr.xfrm4_addr,
-                              x->id.spi, x->id.proto);
+       switch (p->family) {
+       case AF_INET:
+               x1 = xfrm_state_lookup(x->props.saddr.xfrm4_addr, 
+                               x->id.spi, x->id.proto);
+               break;
+#if defined(CONFIG_IPV6) || defined(CONFIG_IPV6_MODULE)
+       case AF_INET6:
+               x1 = xfrm6_state_lookup((struct in6_addr *)&x->props.saddr,
+                               x->id.spi,x->id.proto);
+               break;
+#endif
+       default:
+               return -EAFNOSUPPORT;
+       }
+
        if (x1) {
                xfrm_state_put(x);
                xfrm_state_put(x1);
@@ -224,7 +249,19 @@
        struct xfrm_state *x;
        struct xfrm_usersa_id *p = NLMSG_DATA(nlh);
 
-       x = xfrm_state_lookup(p->saddr.xfrm4_addr, p->spi, p->proto);
+       switch (p->family) {
+       case AF_INET:
+               x = xfrm_state_lookup(p->saddr.xfrm4_addr, p->spi, p->proto);
+               break;
+#if defined(CONFIG_IPV6) || defined(CONFIG_IPV6_MODULE)
+       case AF_INET6:
+               x = xfrm6_state_lookup((struct in6_addr *)&p->saddr, p->spi, 
p->proto);
+               break;
+#endif
+       default:
+               return -EAFNOSUPPORT;
+       }
+
        if (x == NULL)
                return -ESRCH;
 
@@ -342,7 +379,19 @@
        struct sk_buff *resp_skb;
        int err;
 
-       x = xfrm_state_lookup(p->saddr.xfrm4_addr, p->spi, p->proto);
+       switch (p->family) {
+       case AF_INET:
+               x = xfrm_state_lookup(p->saddr.xfrm4_addr, p->spi, p->proto);
+               break;
+#if defined(CONFIG_IPV6) || defined(CONFIG_IPV6_MODULE)
+       case AF_INET6:
+               x = xfrm6_state_lookup((struct in6_addr *)&p->saddr, p->spi, 
p->proto);
+               break;
+#endif
+       default:
+               return -EAFNOSUPPORT;
+       }
+
        err = -ESRCH;
        if (x == NULL)
                goto out_noput;
@@ -393,9 +442,25 @@
        err = verify_userspi_info(p);
        if (err)
                goto out_noput;
-       x = xfrm_find_acq(p->info.mode, p->info.reqid, p->info.id.proto,
-                         p->info.sel.daddr.xfrm4_addr,
-                         p->info.sel.saddr.xfrm4_addr, 1);
+
+       switch (p->info.family) {
+       case AF_INET:
+               x = xfrm_find_acq(p->info.mode, p->info.reqid, 
p->info.id.proto, 
+                               p->info.sel.daddr.xfrm4_addr, 
+                               p->info.sel.saddr.xfrm4_addr, 1);
+               break;
+#if defined(CONFIG_IPV6) || defined(CONFIG_IPV6_MODULE)
+       case AF_INET6:
+               x = xfrm6_find_acq(p->info.mode, p->info.reqid, 
p->info.id.proto,
+                               (struct in6_addr *)&p->info.sel.daddr,
+                               (struct in6_addr *)&p->info.sel.saddr, 1);
+               break;
+#endif
+       default:
+               err = -EAFNOSUPPORT;
+               goto out_noput;
+       }
+
        err = -ENOENT;
        if (x == NULL)
                goto out_noput;


<Prev in Thread] Current Thread [Next in Thread>