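diff -u -r srcold/libcharon/plugins/kernel_pfkey/kernel_pfkey_ipsec.c src/libcharon/plugins/kernel_pfkey/kernel_pfkey_ipsec.c
--- srcold/libcharon/plugins/kernel_pfkey/kernel_pfkey_ipsec.c 2010-03-19 17:56:54.000000000 +0200
+++ src/libcharon/plugins/kernel_pfkey/kernel_pfkey_ipsec.c 2010-05-28 15:58:12.000000000 +0200
@@ -600,17 +600,43 @@
 }
 
 /**
- * add a host behind a sadb_address extension
+ * Copy a host_t as sockaddr_t to the given memory location. Ports are
+ * reset to zero as per RFC 2367.
+ * @returns the number of bytes copied
 */
-static void host2ext(host_t *host, struct sadb_address *ext)
+static size_t hostcpy(void *dest, host_t *host)
 {
- sockaddr_t *host_addr = host->get_sockaddr(host);
+ sockaddr_t *addr = host->get_sockaddr(host), *dest_addr = dest;
 socklen_t *len = host->get_sockaddr_len(host);
+ memcpy(dest, addr, *len);
 #ifdef HAVE_STRUCT_SOCKADDR_SA_LEN
- host_addr->sa_len = *len;
+ dest_addr->sa_len = *len;
 #endif
- memcpy((char*)(ext + 1), host_addr, *len);
- ext->sadb_address_len = PFKEY_LEN(sizeof(*ext) + *len);
+ switch (dest_addr->sa_family)
+ {
+ case AF_INET:
+ {
+ struct sockaddr_in *sin = dest;
+ sin->sin_port = 0;
+ break;
+ }
+ case AF_INET6:
+ {
+ struct sockaddr_in6 *sin6 = dest;
+ sin6->sin6_port = 0;
+ break;
+ }
+ }
+ return *len;
+}
+
+/**
+ * add a host behind an sadb_address extension
+ */
+static void host2ext(host_t *host, struct sadb_address *ext)
+{
+ size_t len = hostcpy(ext + 1, host);
+ ext->sadb_address_len = PFKEY_LEN(sizeof(*ext) + len);
 }
 
 /**
@@ -1019,6 +1045,7 @@
 }
 #endif /*SADB_X_MIGRATE*/
 
+#ifndef __FreeBSD__
 #ifdef HAVE_NATT
 /**
 * Process a SADB_X_NAT_T_NEW_MAPPING message from the kernel
@@ -1076,6 +1103,7 @@
 }
 }
 #endif /*HAVE_NATT*/
+#endif /*__FreeBSD__*/
 
 /**
 * Receives events from kernel
@@ -1137,11 +1165,13 @@
 process_migrate(this, msg);
 break;
 #endif /*SADB_X_MIGRATE*/
+#ifndef __FreeBSD__
 #ifdef HAVE_NATT
 case SADB_X_NAT_T_NEW_MAPPING:
 process_mapping(this, msg);
 break;
 #endif /*HAVE_NATT*/
+#endif /*__FreeBSD__*/
 default:
 break;
 }
@@ -1679,14 +1709,10 @@
 req->sadb_x_ipsecrequest_level = IPSEC_LEVEL_UNIQUE;
 if (mode == MODE_TUNNEL)
 {
- sockaddr_t *sa;
- socklen_t sl;
- sa = src->get_sockaddr(src);
- sl = *src->get_sockaddr_len(src);
- memcpy(req + 1, sa, sl);
- sa = dst->get_sockaddr(dst);
- memcpy((u_int8_t*)(req + 1) + sl, sa, sl);
- req->sadb_x_ipsecrequest_len += sl * 2;
+ len = hostcpy(req + 1, src);
+ req->sadb_x_ipsecrequest_len += len;
+ len = hostcpy((char*)(req + 1) + len, dst);
+ req->sadb_x_ipsecrequest_len += len;
 }
 
 pol->sadb_x_policy_len += PFKEY_LEN(req->sadb_x_ipsecrequest_len);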
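Review bot: hostcpy() copies `*len` bytes into `dest` without knowing how much room is left there, and neither the helper nor the two tunnel-mode calls in the last hunk check the remaining space in the request buffer before appending both endpoints. The lengths come from host_t rather than from received data, so this is presumably safe today, but the precondition is only implicit; I would state it in the header comment, e.g. `* @param dest buffer with room for at least *host->get_sockaddr_len(host) bytes`, or pass the remaining capacity and refuse the copy when it does not fit. Separately, the `#ifndef __FreeBSD__` guards in the second to fourth hunks compile out the SADB_X_NAT_T_NEW_MAPPING handling with no comment saying why, so a one-line reason next to the first guard would help the next reader. The declaration of `len` used in the last hunk and the buffer behind `req` lie outside the visible hunks, so the sizes involved could not be checked from here.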