diff options
| author | ume <ume@FreeBSD.org> | 2001-10-22 20:19:47 +0000 |
|---|---|---|
| committer | ume <ume@FreeBSD.org> | 2001-10-22 20:19:47 +0000 |
| commit | 4ec2993d4822ccc3f1ba43cadcd6aa82c3e56c51 (patch) | |
| tree | 05554f794297819e7e31267a68f87a16427ef9bc /sys/netkey | |
| parent | 9ecacc3d02ab37935b785c69261653a7f2e67b2b (diff) | |
| download | FreeBSD-src-4ec2993d4822ccc3f1ba43cadcd6aa82c3e56c51.zip FreeBSD-src-4ec2993d4822ccc3f1ba43cadcd6aa82c3e56c51.tar.gz | |
Fixed the value of the prefixlen in the sadb_address structure.
When pfkey message relative to SA is sent, the prefixlen was incorrect.
Obtained from: KAME
MFC after: 1 week
Diffstat (limited to 'sys/netkey')
| -rw-r--r-- | sys/netkey/key.c | 28 |
1 files changed, 20 insertions, 8 deletions
diff --git a/sys/netkey/key.c b/sys/netkey/key.c index 8cb0355..6c2e7ed 100644 --- a/sys/netkey/key.c +++ b/sys/netkey/key.c @@ -111,6 +111,8 @@ #define satosin(s) ((struct sockaddr_in *)s) #endif +#define FULLMASK 0xff + /* * Note on SA reference counting: * - SAs that are not in DEAD state will have (total external reference + 1) @@ -3426,7 +3428,7 @@ key_setdumpsa(sav, type, satype, seq, pid) case SADB_EXT_ADDRESS_SRC: m = key_setsadbaddr(SADB_EXT_ADDRESS_SRC, (struct sockaddr *)&sav->sah->saidx.src, - sav->sah->saidx.src.ss_len << 3, IPSEC_ULPROTO_ANY); + FULLMASK, IPSEC_ULPROTO_ANY); if (!m) goto fail; break; @@ -3434,7 +3436,7 @@ key_setdumpsa(sav, type, satype, seq, pid) case SADB_EXT_ADDRESS_DST: m = key_setsadbaddr(SADB_EXT_ADDRESS_DST, (struct sockaddr *)&sav->sah->saidx.dst, - sav->sah->saidx.dst.ss_len << 3, IPSEC_ULPROTO_ANY); + FULLMASK, IPSEC_ULPROTO_ANY); if (!m) goto fail; break; @@ -3636,6 +3638,18 @@ key_setsadbaddr(exttype, saddr, prefixlen, ul_proto) p->sadb_address_len = PFKEY_UNIT64(len); p->sadb_address_exttype = exttype; p->sadb_address_proto = ul_proto; + if (prefixlen == FULLMASK) { + switch (saddr->sa_family) { + case AF_INET: + prefixlen = sizeof(struct in_addr) << 3; + break; + case AF_INET6: + prefixlen = sizeof(struct in6_addr) << 3; + break; + default: + ; /*XXX*/ + } + } p->sadb_address_prefixlen = prefixlen; p->sadb_address_reserved = 0; @@ -5916,8 +5930,7 @@ key_acquire(saidx, sp) /* set sadb_address for saidx's. */ m = key_setsadbaddr(SADB_EXT_ADDRESS_SRC, - (struct sockaddr *)&saidx->src, saidx->src.ss_len << 3, - IPSEC_ULPROTO_ANY); + (struct sockaddr *)&saidx->src, FULLMASK, IPSEC_ULPROTO_ANY); if (!m) { error = ENOBUFS; goto fail; @@ -5925,8 +5938,7 @@ key_acquire(saidx, sp) m_cat(result, m); m = key_setsadbaddr(SADB_EXT_ADDRESS_DST, - (struct sockaddr *)&saidx->dst, saidx->dst.ss_len << 3, - IPSEC_ULPROTO_ANY); + (struct sockaddr *)&saidx->dst, FULLMASK, IPSEC_ULPROTO_ANY); if (!m) { error = ENOBUFS; goto fail; @@ -6558,7 +6570,7 @@ key_expire(sav) /* set sadb_address for source */ m = key_setsadbaddr(SADB_EXT_ADDRESS_SRC, (struct sockaddr *)&sav->sah->saidx.src, - sav->sah->saidx.src.ss_len << 3, IPSEC_ULPROTO_ANY); + FULLMASK, IPSEC_ULPROTO_ANY); if (!m) { error = ENOBUFS; goto fail; @@ -6568,7 +6580,7 @@ key_expire(sav) /* set sadb_address for destination */ m = key_setsadbaddr(SADB_EXT_ADDRESS_DST, (struct sockaddr *)&sav->sah->saidx.dst, - sav->sah->saidx.dst.ss_len << 3, IPSEC_ULPROTO_ANY); + FULLMASK, IPSEC_ULPROTO_ANY); if (!m) { error = ENOBUFS; goto fail; |
