Source-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[src/trunk]: src/sbin sync with latest libipsec and kernel.
details: https://anonhg.NetBSD.org/src/rev/f3a4bfbec68e
branches: trunk
changeset: 481447:f3a4bfbec68e
user: itojun <itojun%NetBSD.org@localhost>
date: Mon Jan 31 14:24:23 2000 +0000
description:
sync with latest libipsec and kernel.
diffstat:
sbin/ping/ping.c | 54 +++--
sbin/ping6/ping6.8 | 50 ++---
sbin/ping6/ping6.c | 482 +++++++++++++++++++++++++++++++++++++++++-----------
3 files changed, 432 insertions(+), 154 deletions(-)
diffs (truncated from 989 to 300 lines):
diff -r 3eaab11b8095 -r f3a4bfbec68e sbin/ping/ping.c
--- a/sbin/ping/ping.c Mon Jan 31 14:22:41 2000 +0000
+++ b/sbin/ping/ping.c Mon Jan 31 14:24:23 2000 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: ping.c,v 1.54 2000/01/20 01:04:41 mycroft Exp $ */
+/* $NetBSD: ping.c,v 1.55 2000/01/31 14:24:23 itojun Exp $ */
/*
* Copyright (c) 1989, 1993
@@ -62,7 +62,7 @@
#include <sys/cdefs.h>
#ifndef lint
-__RCSID("$NetBSD: ping.c,v 1.54 2000/01/20 01:04:41 mycroft Exp $");
+__RCSID("$NetBSD: ping.c,v 1.55 2000/01/31 14:24:23 itojun Exp $");
#endif
#include <stdio.h>
@@ -255,7 +255,8 @@
#endif
#ifdef IPSEC
#ifdef IPSEC_POLICY_IPSEC
- char *policy = NULL;
+ char *policy_in = NULL;
+ char *policy_out = NULL;
#endif
#endif
@@ -377,7 +378,12 @@
#ifdef IPSEC_POLICY_IPSEC
case 'E':
pingflags |= F_POLICY;
- policy = strdup(optarg);
+ if (!strncmp("in", optarg, 2))
+ policy_in = strdup(optarg);
+ else if (!strncmp("out", optarg, 3))
+ policy_out = strdup(optarg);
+ else
+ errx(1, "invalid security policy");
break;
#else
case 'A':
@@ -536,26 +542,34 @@
#ifdef IPSEC
#ifdef IPSEC_POLICY_IPSEC
{
- int len;
char *buf;
if (pingflags & F_POLICY) {
- if ((len = ipsec_get_policylen(policy)) < 0)
- errx(1, ipsec_strerror());
- if ((buf = malloc(len)) == NULL)
- err(1, "malloc");
- if ((len = ipsec_set_policy(buf, len, policy)) < 0)
- errx(1, ipsec_strerror());
- if (setsockopt(s, IPPROTO_IP, IP_IPSEC_POLICY, buf, len) < 0)
- err(1, "ipsec policy cannot be configured");
- free(buf);
+ if (policy_in != NULL) {
+ buf = ipsec_set_policy(policy_in, strlen(policy_in));
+ if (buf == NULL)
+ errx(1, ipsec_strerror());
+ if (setsockopt(s, IPPROTO_IP, IP_IPSEC_POLICY,
+ buf, ipsec_get_policylen(buf)) < 0) {
+ err(1, "ipsec policy cannot be configured");
+ }
+ free(buf);
+ }
+ if (policy_out != NULL) {
+ buf = ipsec_set_policy(policy_out, strlen(policy_out));
+ if (buf == NULL)
+ errx(1, ipsec_strerror());
+ if (setsockopt(s, IPPROTO_IP, IP_IPSEC_POLICY,
+ buf, ipsec_get_policylen(buf)) < 0) {
+ err(1, "ipsec policy cannot be configured");
+ }
+ free(buf);
+ }
}
- if ((len = ipsec_get_policylen("bypass")) < 0)
+ buf = ipsec_set_policy("out bypass", strlen("out bypass"));
+ if (buf == NULL)
errx(1, ipsec_strerror());
- if ((buf = malloc(len)) == NULL)
- err(1, "malloc");
- if ((len = ipsec_set_policy(buf, len, "bypass")) < 0)
- errx(1, ipsec_strerror());
- if (setsockopt(sloop, IPPROTO_IP, IP_IPSEC_POLICY, buf, len) < 0) {
+ if (setsockopt(sloop, IPPROTO_IP, IP_IPSEC_POLICY,
+ buf, ipsec_get_policylen(buf)) < 0) {
#if 0
warnx("ipsec is not configured");
#else
diff -r 3eaab11b8095 -r f3a4bfbec68e sbin/ping6/ping6.8
--- a/sbin/ping6/ping6.8 Mon Jan 31 14:22:41 2000 +0000
+++ b/sbin/ping6/ping6.8 Mon Jan 31 14:24:23 2000 +0000
@@ -25,8 +25,8 @@
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
.\" SUCH DAMAGE.
.\"
-.\" $NetBSD: ping6.8,v 1.4 1999/12/15 05:02:39 itojun Exp $
-.\" KAME Id: ping6.8,v 1.7 1999/12/15 04:59:13 itojun Exp
+.\" $NetBSD: ping6.8,v 1.5 2000/01/31 14:24:24 itojun Exp $
+.\" KAME Id: ping6.8,v 1.11 1999/12/23 17:39:45 itojun Exp
.\"
.Dd May 17, 1998
.Dt PING6 8
@@ -39,9 +39,9 @@
.Sh SYNOPSIS
.Nm
.\" without ipsec, or new ipsec
-.Op Fl dfnqRrvw
+.Op Fl dfnqRvw
.\" old ipsec
-.\" .Op Fl AdEfnqRrvw
+.\" .Op Fl AdEfnqRvw
.Op Fl a Ar addrtype
.Op Fl b Ar bufsiz
.Op Fl c Ar count
@@ -54,6 +54,7 @@
.Op Fl P Ar policy
.Op Fl S Ar sourceaddr
.Op Fl s Ar packetsize
+.Op Ar hops...
.Ar host
.Sh DESCRIPTION
.Nm
@@ -175,31 +176,19 @@
Nothing is displayed except the summary lines at startup time and
when finished.
.It Fl R
-Record route.
-Includes the
-.Tn RECORD_ROUTE
-option in the
-.Tn ECHO_REQUEST
-packet and displays
-the route buffer on returned packets.
-Note that the IP header is only large enough for nine such routes;
-the
-.Xr traceroute 8
-command is usually better at determining the route packets take to a
-particular destination.
-Many hosts ignore or discard the
-.Tn RECORD_ROUTE
-option.
-.It Fl r
-Bypass the normal routing tables and send directly to a host on an attached
-network.
-If the host is not on a directly-attached network, an error is returned.
-This option can be used to ping a local host through an interface
-that has no route through it
+Make the kernel believe that the target
+.Ar host
.Po
-e.g., after the interface was dropped by
-.Xr routed 8
-.Pc .
+or the first
+.Ar hop
+if you specify
+.Ar hops
+.Pc
+is reachable, by injecting upper-layer reachability confirmation hint.
+The option is meaningful only if the target
+.Ar host
+.Pq or the first hop
+is a neighbor.
.It Fl S Ar sourceaddr
Specifies the source address of request packets.
The source address must be one of the unicast addresses of the sending
@@ -238,6 +227,11 @@
has no effect if
.Fl w
is specified.
+.It Ar hops
+IPv6 addresses for intermediate nodes,
+which will be put into type 0 routing header.
+.It Ar host
+IPv6 adddress of the final destination node.
.El
.Pp
When using
diff -r 3eaab11b8095 -r f3a4bfbec68e sbin/ping6/ping6.c
--- a/sbin/ping6/ping6.c Mon Jan 31 14:22:41 2000 +0000
+++ b/sbin/ping6/ping6.c Mon Jan 31 14:24:23 2000 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: ping6.c,v 1.10 2000/01/22 10:01:41 tron Exp $ */
+/* $NetBSD: ping6.c,v 1.11 2000/01/31 14:24:25 itojun Exp $ */
/*
* Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
@@ -80,7 +80,7 @@
#else
#include <sys/cdefs.h>
#ifndef lint
-__RCSID("$NetBSD: ping6.c,v 1.10 2000/01/22 10:01:41 tron Exp $");
+__RCSID("$NetBSD: ping6.c,v 1.11 2000/01/31 14:24:25 itojun Exp $");
#endif
#endif
@@ -102,7 +102,7 @@
/*
* NOTE:
* USE_SIN6_SCOPE_ID assumes that sin6_scope_id has the same semantics
- * as IPV6_PKTINFO. Some objects it (sin6_scope_id specifies *link* while
+ * as IPV6_PKTINFO. Some people object it (sin6_scope_id specifies *link* while
* IPV6_PKTINFO specifies *interface*. Link is defined as collection of
* network attached to 1 or more interfaces)
*/
@@ -176,6 +176,9 @@
#define F_FQDN 0x1000
#define F_INTERFACE 0x2000
#define F_SRCADDR 0x4000
+#ifdef IPV6_REACHCONF
+#define F_REACHCONF 0x8000
+#endif
u_int options;
#define IN6LEN sizeof(struct in6_addr)
@@ -233,6 +236,7 @@
int main __P((int, char *[]));
void fill __P((char *, char *));
int get_hoplim __P((struct msghdr *));
+struct in6_pktinfo *get_rcvpktinfo __P((struct msghdr *));
void onalrm __P((int));
void oninfo __P((int));
void onint __P((int));
@@ -242,9 +246,13 @@
void pr_iph __P((struct ip6_hdr *));
void pr_nodeaddr __P((struct icmp6_nodeinfo *, int));
void pr_pack __P((u_char *, int, struct msghdr *));
+void pr_exthdrs __P((struct msghdr *));
+void pr_ip6opt __P((void *));
+void pr_rthdr __P((void *));
void pr_retip __P((struct ip6_hdr *, u_char *));
void summary __P((void));
void tvsub __P((struct timeval *, struct timeval *));
+int setpolicy __P((int, char *));
void usage __P((void));
int
@@ -266,8 +274,12 @@
int sockbufsize = 0;
int usepktinfo = 0;
struct in6_pktinfo *pktinfo = NULL;
+#ifdef USE_RFC2292BIS
+ struct ip6_rthdr *rthdr = NULL;
+#endif
#ifdef IPSEC_POLICY_IPSEC
- char *policy = NULL;
+ char *policy_in = NULL;
+ char *policy_out = NULL;
#endif
/* just to be sure */
@@ -277,12 +289,12 @@
preload = 0;
datap = &outpack[ICMP6ECHOLEN + ICMP6ECHOTMLEN];
#ifndef IPSEC
- while ((ch = getopt(argc, argv, "a:b:c:dfh:I:i:l:np:qRrS:s:vwW")) != EOF)
+ while ((ch = getopt(argc, argv, "a:b:c:dfh:I:i:l:np:qS:s:vwW")) != EOF)
#else
#ifdef IPSEC_POLICY_IPSEC
- while ((ch = getopt(argc, argv, "a:b:c:dfh:I:i:l:np:qRrS:s:vwWP:")) != EOF)
+ while ((ch = getopt(argc, argv, "a:b:c:dfh:I:i:l:np:qS:s:vwWP:")) != EOF)
#else
- while ((ch = getopt(argc, argv, "a:b:c:dfh:I:i:l:np:qRrS:s:vwWAE")) != EOF)
+ while ((ch = getopt(argc, argv, "a:b:c:dfh:I:i:l:np:qS:s:vwWAE")) != EOF)
#endif /*IPSEC_POLICY_IPSEC*/
#endif
switch(ch) {
@@ -364,6 +376,10 @@
options |= F_INTERVAL;
break;
case 'l':
+ if (getuid()) {
+ errno = EPERM;
+ errx(1, "Must be superuser to preload");
+ }
preload = strtol(optarg, &e, 10);
if (preload < 0 || *optarg == '\0' || *e != '\0')
errx(1, "illegal preload value -- %s", optarg);
@@ -378,9 +394,11 @@
case 'q':
options |= F_QUIET;
break;
+#ifdef IPV6_REACHCONF
case 'R':
- options |= F_RROUTE;
+ options |= F_REACHCONF;
break;
+#endif
case 'S':
/* XXX: use getaddrinfo? */
if (inet_pton(AF_INET6, optarg, (void *)&srcaddr) != 1)
@@ -408,7 +426,12 @@
#ifdef IPSEC_POLICY_IPSEC
case 'P':
options |= F_POLICY;
Home |
Main Index |
Thread Index |
Old Index