Source-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[src/trunk]: src/sys Make SCTP work when IPSEC is also defined.
details: https://anonhg.NetBSD.org/src/rev/c6fdd83557db
branches: trunk
changeset: 827167:c6fdd83557db
user: rjs <rjs%NetBSD.org@localhost>
date: Tue Oct 17 19:23:42 2017 +0000
description:
Make SCTP work when IPSEC is also defined.
diffstat:
sys/netinet/sctp_pcb.c | 46 +++++++++++++++++++++++++++++---------------
sys/netinet/sctp_usrreq.c | 5 ++-
sys/netinet6/sctp6_usrreq.c | 7 ++++-
3 files changed, 38 insertions(+), 20 deletions(-)
diffs (161 lines):
diff -r 96d3ce3a6d56 -r c6fdd83557db sys/netinet/sctp_pcb.c
--- a/sys/netinet/sctp_pcb.c Tue Oct 17 19:18:30 2017 +0000
+++ b/sys/netinet/sctp_pcb.c Tue Oct 17 19:23:42 2017 +0000
@@ -1,5 +1,5 @@
/* $KAME: sctp_pcb.c,v 1.39 2005/06/16 18:29:25 jinmei Exp $ */
-/* $NetBSD: sctp_pcb.c,v 1.14 2017/10/17 19:18:30 rjs Exp $ */
+/* $NetBSD: sctp_pcb.c,v 1.15 2017/10/17 19:23:42 rjs Exp $ */
/*
* Copyright (c) 2001, 2002, 2003, 2004 Cisco Systems, Inc.
@@ -33,10 +33,11 @@
* SUCH DAMAGE.
*/
#include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: sctp_pcb.c,v 1.14 2017/10/17 19:18:30 rjs Exp $");
+__KERNEL_RCSID(0, "$NetBSD: sctp_pcb.c,v 1.15 2017/10/17 19:23:42 rjs Exp $");
#ifdef _KERNEL_OPT
#include "opt_inet.h"
+#include "opt_ipsec.h"
#include "opt_sctp.h"
#endif /* _KERNEL_OPT */
@@ -1302,6 +1303,9 @@
#ifdef DEBUG
struct sctp_inpcb *n_inp;
#endif
+#ifdef IPSEC
+ struct inpcbpolicy *pcb_sp = NULL;
+#endif
struct sctp_pcb *m;
struct timeval time;
@@ -1358,22 +1362,16 @@
inp->ip_inp.inp.inp_socket = so;
inp->sctp_frag_point = SCTP_DEFAULT_MAXSEGMENT;
#ifdef IPSEC
-#if !(defined(__OpenBSD__) || defined(__APPLE__))
- {
- struct inpcbpolicy *pcb_sp = NULL;
+ if (ipsec_enabled) {
error = ipsec_init_pcbpolicy(so, &pcb_sp);
+ if (error != 0) {
+ SCTP_ZONE_FREE(sctppcbinfo.ipi_zone_ep, inp);
+ SCTP_INP_INFO_WUNLOCK();
+ return error;
+ }
/* Arrange to share the policy */
inp->ip_inp.inp.inp_sp = pcb_sp;
- ((struct in6pcb *)(&inp->ip_inp.inp))->in6p_sp = pcb_sp;
- }
-#else
- /* not sure what to do for openbsd here */
- error = 0;
-#endif
- if (error != 0) {
- SCTP_ZONE_FREE(sctppcbinfo.ipi_zone_ep, inp);
- SCTP_INP_INFO_WUNLOCK();
- return error;
+ pcb_sp->sp_inph = (struct inpcb_hdr *)inp;
}
#endif /* IPSEC */
sctppcbinfo.ipi_count_ep++;
@@ -1682,6 +1680,9 @@
if (sin->sin_addr.s_addr != INADDR_ANY) {
bindall = 0;
}
+#ifdef IPSEC
+ inp->ip_inp.inp.inp_af = AF_INET;
+#endif
} else if (addr->sa_family == AF_INET6) {
/* Only for pure IPv6 Address. (No IPv4 Mapped!) */
struct sockaddr_in6 *sin6;
@@ -1703,9 +1704,21 @@
/* this must be cleared for ifa_ifwithaddr() */
sin6->sin6_scope_id = 0;
#endif /* SCOPEDROUTING */
+#ifdef IPSEC
+ inp->ip_inp.inp.inp_af = AF_INET6;
+#endif
} else {
return (EAFNOSUPPORT);
}
+#ifdef IPSEC
+ if (ipsec_enabled) {
+ inp->ip_inp.inp.inp_socket = so;
+ error = ipsec_init_pcbpolicy(so, &inp->ip_inp.inp.inp_sp);
+ if (error != 0)
+ return (error);
+ inp->ip_inp.inp.inp_sp->sp_inph = (struct inpcb_hdr *)inp;
+ }
+#endif
}
SCTP_INP_INFO_WLOCK();
#ifdef SCTP_DEBUG
@@ -2139,7 +2152,8 @@
if (so) {
/* First take care of socket level things */
#ifdef IPSEC
- ipsec4_delete_pcbpolicy(ip_pcb);
+ if (ipsec_enabled)
+ ipsec4_delete_pcbpolicy(ip_pcb);
#endif /*IPSEC*/
so->so_pcb = 0;
}
diff -r 96d3ce3a6d56 -r c6fdd83557db sys/netinet/sctp_usrreq.c
--- a/sys/netinet/sctp_usrreq.c Tue Oct 17 19:18:30 2017 +0000
+++ b/sys/netinet/sctp_usrreq.c Tue Oct 17 19:23:42 2017 +0000
@@ -1,5 +1,5 @@
/* $KAME: sctp_usrreq.c,v 1.50 2005/06/16 20:45:29 jinmei Exp $ */
-/* $NetBSD: sctp_usrreq.c,v 1.7 2017/10/17 16:07:18 rjs Exp $ */
+/* $NetBSD: sctp_usrreq.c,v 1.8 2017/10/17 19:23:42 rjs Exp $ */
/*
* Copyright (c) 2001, 2002, 2003, 2004 Cisco Systems, Inc.
@@ -33,7 +33,7 @@
* SUCH DAMAGE.
*/
#include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: sctp_usrreq.c,v 1.7 2017/10/17 16:07:18 rjs Exp $");
+__KERNEL_RCSID(0, "$NetBSD: sctp_usrreq.c,v 1.8 2017/10/17 19:23:42 rjs Exp $");
#ifdef _KERNEL_OPT
#include "opt_inet.h"
@@ -528,6 +528,7 @@
inp->sctp_flags &= ~SCTP_PCB_FLAGS_BOUND_V6; /* I'm not v6! */
#ifdef IPSEC
ip_inp = &inp->ip_inp.inp;
+ ip_inp->inp_af = proto;
#endif
inp->inp_vflag |= INP_IPV4;
inp->inp_ip_ttl = ip_defttl;
diff -r 96d3ce3a6d56 -r c6fdd83557db sys/netinet6/sctp6_usrreq.c
--- a/sys/netinet6/sctp6_usrreq.c Tue Oct 17 19:18:30 2017 +0000
+++ b/sys/netinet6/sctp6_usrreq.c Tue Oct 17 19:23:42 2017 +0000
@@ -1,5 +1,5 @@
/* $KAME: sctp6_usrreq.c,v 1.38 2005/08/24 08:08:56 suz Exp $ */
-/* $NetBSD: sctp6_usrreq.c,v 1.13 2017/04/20 09:19:19 ozaki-r Exp $ */
+/* $NetBSD: sctp6_usrreq.c,v 1.14 2017/10/17 19:23:42 rjs Exp $ */
/*
* Copyright (c) 2001, 2002, 2003, 2004 Cisco Systems, Inc.
@@ -33,7 +33,7 @@
* SUCH DAMAGE.
*/
#include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: sctp6_usrreq.c,v 1.13 2017/04/20 09:19:19 ozaki-r Exp $");
+__KERNEL_RCSID(0, "$NetBSD: sctp6_usrreq.c,v 1.14 2017/10/17 19:23:42 rjs Exp $");
#ifdef _KERNEL_OPT
#include "opt_inet.h"
@@ -609,6 +609,9 @@
}
so->so_send = sctp_sosend;
+#ifdef IPSEC
+ inp6->in6p_af = proto;
+#endif
inp6->in6p_hops = -1; /* use kernel default */
inp6->in6p_cksum = -1; /* just to be sure */
#ifdef INET
Home |
Main Index |
Thread Index |
Old Index