diff options
| author |   markus <markus@openbsd.org> | 2003-12-02 23:16:28 +0000 |
|---|---|---|
| committer | markus <markus@openbsd.org> | 2003-12-02 23:16:28 +0000 |
| commit | ed4bea918660fb0a9e5e49ccec72879cd9a917f7 (patch) | |
| tree | e54f58cceab9ddebf76b93faf2402e1d59fe361c /sys/net/pfkeyv2_parsemessage.c | |
| parent | delete nasty mickey change (diff) | |
| download | wireguard-openbsd-ed4bea918660fb0a9e5e49ccec72879cd9a917f7.tar.xz wireguard-openbsd-ed4bea918660fb0a9e5e49ccec72879cd9a917f7.zip | |
UDP encapsulation for ESP in transport mode (draft-ietf-ipsec-udp-encaps-XX.txt)
ok deraadt@
Diffstat (limited to 'sys/net/pfkeyv2_parsemessage.c')
| -rw-r--r-- | sys/net/pfkeyv2_parsemessage.c | 18 |
1 files changed, 13 insertions, 5 deletions
diff --git a/sys/net/pfkeyv2_parsemessage.c b/sys/net/pfkeyv2_parsemessage.c index 2659832b0d8..762d1159f75 100644 --- a/sys/net/pfkeyv2_parsemessage.c +++ b/sys/net/pfkeyv2_parsemessage.c @@ -1,4 +1,4 @@ -/* $OpenBSD: pfkeyv2_parsemessage.c,v 1.36 2003/02/16 21:30:13 deraadt Exp $ */ +/* $OpenBSD: pfkeyv2_parsemessage.c,v 1.37 2003/12/02 23:16:29 markus Exp $ */ /* * @(#)COPYRIGHT 1.1 (NRL) 17 January 1995 @@ -121,6 +121,7 @@ extern int encdebug; #define BITMAP_X_CREDENTIALS (BITMAP_X_LOCAL_CREDENTIALS | BITMAP_X_REMOTE_CREDENTIALS | BITMAP_X_LOCAL_AUTH | BITMAP_X_REMOTE_AUTH) #define BITMAP_X_FLOW (BITMAP_X_SRC_MASK | BITMAP_X_DST_MASK | BITMAP_X_PROTOCOL | BITMAP_X_SRC_FLOW | BITMAP_X_DST_FLOW | BITMAP_X_FLOW_TYPE) #define BITMAP_X_SUPPORTED_COMP (1 << SADB_X_EXT_SUPPORTED_COMP) +#define BITMAP_X_UDPENCAP (1 << SADB_X_EXT_UDPENCAP) uint32_t sadb_exts_allowed_in[SADB_MAX+1] = { @@ -129,9 +130,9 @@ uint32_t sadb_exts_allowed_in[SADB_MAX+1] = /* GETSPI */ BITMAP_ADDRESS_SRC | BITMAP_ADDRESS_DST | BITMAP_SPIRANGE, /* UPDATE */ - BITMAP_SA | BITMAP_LIFETIME | BITMAP_ADDRESS | BITMAP_KEY | BITMAP_IDENTITY | BITMAP_X_CREDENTIALS | BITMAP_X_FLOW, + BITMAP_SA | BITMAP_LIFETIME | BITMAP_ADDRESS | BITMAP_KEY | BITMAP_IDENTITY | BITMAP_X_CREDENTIALS | BITMAP_X_FLOW | BITMAP_X_UDPENCAP, /* ADD */ - BITMAP_SA | BITMAP_LIFETIME | BITMAP_ADDRESS | BITMAP_KEY | BITMAP_IDENTITY | BITMAP_X_CREDENTIALS | BITMAP_X_FLOW, + BITMAP_SA | BITMAP_LIFETIME | BITMAP_ADDRESS | BITMAP_KEY | BITMAP_IDENTITY | BITMAP_X_CREDENTIALS | BITMAP_X_FLOW | BITMAP_X_UDPENCAP, /* DELETE */ BITMAP_SA | BITMAP_ADDRESS_SRC | BITMAP_ADDRESS_DST, /* GET */ @@ -201,9 +202,9 @@ uint32_t sadb_exts_allowed_out[SADB_MAX+1] = /* GETSPI */ BITMAP_SA | BITMAP_ADDRESS_SRC | BITMAP_ADDRESS_DST, /* UPDATE */ - BITMAP_SA | BITMAP_LIFETIME | BITMAP_ADDRESS | BITMAP_IDENTITY | BITMAP_X_CREDENTIALS | BITMAP_X_FLOW, + BITMAP_SA | BITMAP_LIFETIME | BITMAP_ADDRESS | BITMAP_IDENTITY | BITMAP_X_CREDENTIALS | BITMAP_X_FLOW | BITMAP_X_UDPENCAP, /* ADD */ - BITMAP_SA | BITMAP_LIFETIME | BITMAP_ADDRESS | BITMAP_IDENTITY | BITMAP_X_CREDENTIALS | BITMAP_X_FLOW, + BITMAP_SA | BITMAP_LIFETIME | BITMAP_ADDRESS | BITMAP_IDENTITY | BITMAP_X_CREDENTIALS | BITMAP_X_FLOW | BITMAP_X_UDPENCAP, /* DELETE */ BITMAP_SA | BITMAP_ADDRESS_SRC | BITMAP_ADDRESS_DST, /* GET */ @@ -919,6 +920,13 @@ pfkeyv2_parsemessage(void *p, int len, void **headers) } } break; + case SADB_X_EXT_UDPENCAP: + if (i != sizeof(struct sadb_x_udpencap)) { + DPRINTF(("pfkeyv2_parsemessage: bad UDPENCAP " + "header length\n")); + return (EINVAL); + } + break; default: DPRINTF(("pfkeyv2_parsemessage: unknown extension " "header type %d\n", |