[src/trunk]: src/crypto/dist/ipsec-tools/src/racoon Extern admin protocol to ...

[tteras <tteras%NetBSD.org@localhost>]

details:   https://anonhg.NetBSD.org/src/rev/3a7acb6e17f6
branches:  trunk
changeset: 758650:3a7acb6e17f6
user:      tteras <tteras%NetBSD.org@localhost>
date:      Fri Nov 12 09:08:26 2010 +0000

description:
Extern admin protocol to allow reply packets to exceed 64kb. E.g SA dumps
with many established SAs can be easily over the limit.

diffstat:

 crypto/dist/ipsec-tools/src/racoon/admin.c     |  12 +++++++++---
 crypto/dist/ipsec-tools/src/racoon/admin.h     |   5 ++++-
 crypto/dist/ipsec-tools/src/racoon/kmpstat.c   |  18 ++++++++++++------
 crypto/dist/ipsec-tools/src/racoon/racoonctl.c |  10 +++++++---
 4 files changed, 32 insertions(+), 13 deletions(-)

diffs (130 lines):

diff -r ef8a96dc2123 -r 3a7acb6e17f6 crypto/dist/ipsec-tools/src/racoon/admin.c
--- a/crypto/dist/ipsec-tools/src/racoon/admin.c        Fri Nov 12 07:59:24 2010 +0000
+++ b/crypto/dist/ipsec-tools/src/racoon/admin.c        Fri Nov 12 09:08:26 2010 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: admin.c,v 1.35 2010/10/21 06:15:28 tteras Exp $        */
+/*     $NetBSD: admin.c,v 1.36 2010/11/12 09:08:26 tteras Exp $        */
 
 /* Id: admin.c,v 1.25 2006/04/06 14:31:04 manubsd Exp */
 
@@ -638,9 +638,15 @@
        }
 
        combuf = (struct admin_com *) retbuf;
-       combuf->ac_len = tlen;
+       combuf->ac_len = (u_int16_t) tlen;
        combuf->ac_cmd = req->ac_cmd & ~ADMIN_FLAG_VERSION;
-       combuf->ac_errno = l_ac_errno;
+       if (tlen != (u_int32_t) combuf->ac_len &&
+           l_ac_errno == 0) {
+               combuf->ac_len_high = tlen >> 16;
+               combuf->ac_cmd |= ADMIN_FLAG_LONG_REPLY;
+       } else {
+               combuf->ac_errno = l_ac_errno;
+       }
        combuf->ac_proto = req->ac_proto;
 
        if (buf != NULL)
diff -r ef8a96dc2123 -r 3a7acb6e17f6 crypto/dist/ipsec-tools/src/racoon/admin.h
--- a/crypto/dist/ipsec-tools/src/racoon/admin.h        Fri Nov 12 07:59:24 2010 +0000
+++ b/crypto/dist/ipsec-tools/src/racoon/admin.h        Fri Nov 12 09:08:26 2010 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: admin.h,v 1.7 2008/08/29 00:30:15 gmcgarry Exp $       */
+/*     $NetBSD: admin.h,v 1.8 2010/11/12 09:08:26 tteras Exp $ */
 
 /* Id: admin.h,v 1.11 2005/06/19 22:37:47 manubsd Exp */
 
@@ -49,16 +49,19 @@
        union {
                int16_t ac_un_errno;
                uint16_t ac_un_version;
+               uint16_t ac_un_len_high;
        } u;
        u_int16_t ac_proto;
 };
 #define ac_errno u.ac_un_errno
 #define ac_version u.ac_un_version
+#define ac_len_high u.ac_un_len_high
 
 /*
  * Version field in request is valid.
  */
 #define ADMIN_FLAG_VERSION     0x8000
+#define ADMIN_FLAG_LONG_REPLY  0x8000
 
 /*
  * No data follows as the data.
diff -r ef8a96dc2123 -r 3a7acb6e17f6 crypto/dist/ipsec-tools/src/racoon/kmpstat.c
--- a/crypto/dist/ipsec-tools/src/racoon/kmpstat.c      Fri Nov 12 07:59:24 2010 +0000
+++ b/crypto/dist/ipsec-tools/src/racoon/kmpstat.c      Fri Nov 12 09:08:26 2010 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: kmpstat.c,v 1.6 2007/10/02 09:47:45 vanhu Exp $        */
+/*     $NetBSD: kmpstat.c,v 1.7 2010/11/12 09:08:26 tteras Exp $       */
 
 /*     $KAME: kmpstat.c,v 1.33 2004/08/16 08:20:28 itojun Exp $        */
 
@@ -138,7 +138,7 @@
 {
        struct admin_com h, *com;
        caddr_t buf;
-       int len;
+       int len, rlen;
        int l = 0;
        caddr_t p;
 
@@ -153,19 +153,25 @@
        if (len < sizeof(h))
                goto bad1;
 
-       if (h.ac_errno) {
+       if (h.ac_errno && !(h.ac_cmd & ADMIN_FLAG_LONG_REPLY)) {
                errno = h.ac_errno;
                goto bad1;
        }
 
+       /* real length */
+       if (h.ac_cmd & ADMIN_FLAG_LONG_REPLY)
+               rlen = ((u_int32_t)h.ac_len) + (((u_int32_t)h.ac_len_high) << 16);
+       else
+               rlen = h.ac_len;
+
        /* allocate buffer */
-       if ((*combufp = vmalloc(h.ac_len)) == NULL)
+       if ((*combufp = vmalloc(rlen)) == NULL)
                goto bad1;
 
        /* read real message */
        p = (*combufp)->v;
-       while (l < len) {
-               if ((len = recv(so, p, h.ac_len, 0)) < 0) {
+       while (l < rlen) {
+               if ((len = recv(so, p, rlen - l, 0)) < 0) {
                        perror("recv");
                        goto bad2;
                }
diff -r ef8a96dc2123 -r 3a7acb6e17f6 crypto/dist/ipsec-tools/src/racoon/racoonctl.c
--- a/crypto/dist/ipsec-tools/src/racoon/racoonctl.c    Fri Nov 12 07:59:24 2010 +0000
+++ b/crypto/dist/ipsec-tools/src/racoon/racoonctl.c    Fri Nov 12 09:08:26 2010 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: racoonctl.c,v 1.17 2009/04/20 13:22:00 tteras Exp $    */
+/*     $NetBSD: racoonctl.c,v 1.18 2010/11/12 09:08:26 tteras Exp $    */
 
 /*     Id: racoonctl.c,v 1.11 2006/04/06 17:06:25 manubsd Exp */
 
@@ -1426,10 +1426,14 @@
         int len;
 
        com = (struct admin_com *)combuf->v;
-       len = com->ac_len - sizeof(*com);
+       if (com->ac_cmd & ADMIN_FLAG_LONG_REPLY)
+               len = ((u_int32_t)com->ac_len) + (((u_int32_t)com->ac_len_high) << 16);
+       else
+               len = com->ac_len;
+       len -= sizeof(*com);
        buf = combuf->v + sizeof(*com);
 
-       switch (com->ac_cmd) {
+       switch (com->ac_cmd & ~ADMIN_FLAG_LONG_REPLY) {
        case ADMIN_SHOW_SCHED:
                print_schedule(buf, len);
                break;