|
Lines 1-102
Link Here
|
| 1 |
diff -u -r srcold/libcharon/plugins/kernel_pfkey/kernel_pfkey_ipsec.c src/libcharon/plugins/kernel_pfkey/kernel_pfkey_ipsec.c |
|
|
| 2 |
--- srcold/libcharon/plugins/kernel_pfkey/kernel_pfkey_ipsec.c 2010-03-19 17:56:54.000000000 +0200 |
| 3 |
+++ src/libcharon/plugins/kernel_pfkey/kernel_pfkey_ipsec.c 2010-05-28 15:58:12.000000000 +0200 |
| 4 |
@@ -600,17 +600,43 @@ |
| 5 |
} |
| 6 |
|
| 7 |
/** |
| 8 |
- * add a host behind a sadb_address extension |
| 9 |
+ * Copy a host_t as sockaddr_t to the given memory location. Ports are |
| 10 |
+ * reset to zero as per RFC 2367. |
| 11 |
+ * @returns the number of bytes copied |
| 12 |
*/ |
| 13 |
-static void host2ext(host_t *host, struct sadb_address *ext) |
| 14 |
+static size_t hostcpy(void *dest, host_t *host) |
| 15 |
{ |
| 16 |
- sockaddr_t *host_addr = host->get_sockaddr(host); |
| 17 |
+ sockaddr_t *addr = host->get_sockaddr(host), *dest_addr = dest; |
| 18 |
socklen_t *len = host->get_sockaddr_len(host); |
| 19 |
+ memcpy(dest, addr, *len); |
| 20 |
#ifdef HAVE_STRUCT_SOCKADDR_SA_LEN |
| 21 |
- host_addr->sa_len = *len; |
| 22 |
+ dest_addr->sa_len = *len; |
| 23 |
#endif |
| 24 |
- memcpy((char*)(ext + 1), host_addr, *len); |
| 25 |
- ext->sadb_address_len = PFKEY_LEN(sizeof(*ext) + *len); |
| 26 |
+ switch (dest_addr->sa_family) |
| 27 |
+ { |
| 28 |
+ case AF_INET: |
| 29 |
+ { |
| 30 |
+ struct sockaddr_in *sin = dest; |
| 31 |
+ sin->sin_port = 0; |
| 32 |
+ break; |
| 33 |
+ } |
| 34 |
+ case AF_INET6: |
| 35 |
+ { |
| 36 |
+ struct sockaddr_in6 *sin6 = dest; |
| 37 |
+ sin6->sin6_port = 0; |
| 38 |
+ break; |
| 39 |
+ } |
| 40 |
+ } |
| 41 |
+ return *len; |
| 42 |
+} |
| 43 |
+ |
| 44 |
+/** |
| 45 |
+ * add a host behind an sadb_address extension |
| 46 |
+ */ |
| 47 |
+static void host2ext(host_t *host, struct sadb_address *ext) |
| 48 |
+{ |
| 49 |
+ size_t len = hostcpy(ext + 1, host); |
| 50 |
+ ext->sadb_address_len = PFKEY_LEN(sizeof(*ext) + len); |
| 51 |
} |
| 52 |
|
| 53 |
/** |
| 54 |
@@ -1019,6 +1045,7 @@ |
| 55 |
} |
| 56 |
#endif /*SADB_X_MIGRATE*/ |
| 57 |
|
| 58 |
+#ifndef __FreeBSD__ |
| 59 |
#ifdef HAVE_NATT |
| 60 |
/** |
| 61 |
* Process a SADB_X_NAT_T_NEW_MAPPING message from the kernel |
| 62 |
@@ -1076,6 +1103,7 @@ |
| 63 |
} |
| 64 |
} |
| 65 |
#endif /*HAVE_NATT*/ |
| 66 |
+#endif /*__FreeBSD__*/ |
| 67 |
|
| 68 |
/** |
| 69 |
* Receives events from kernel |
| 70 |
@@ -1137,11 +1165,13 @@ |
| 71 |
process_migrate(this, msg); |
| 72 |
break; |
| 73 |
#endif /*SADB_X_MIGRATE*/ |
| 74 |
+#ifndef __FreeBSD__ |
| 75 |
#ifdef HAVE_NATT |
| 76 |
case SADB_X_NAT_T_NEW_MAPPING: |
| 77 |
process_mapping(this, msg); |
| 78 |
break; |
| 79 |
#endif /*HAVE_NATT*/ |
| 80 |
+#endif /*__FreeBSD__*/ |
| 81 |
default: |
| 82 |
break; |
| 83 |
} |
| 84 |
@@ -1679,14 +1709,10 @@ |
| 85 |
req->sadb_x_ipsecrequest_level = IPSEC_LEVEL_UNIQUE; |
| 86 |
if (mode == MODE_TUNNEL) |
| 87 |
{ |
| 88 |
- sockaddr_t *sa; |
| 89 |
- socklen_t sl; |
| 90 |
- sa = src->get_sockaddr(src); |
| 91 |
- sl = *src->get_sockaddr_len(src); |
| 92 |
- memcpy(req + 1, sa, sl); |
| 93 |
- sa = dst->get_sockaddr(dst); |
| 94 |
- memcpy((u_int8_t*)(req + 1) + sl, sa, sl); |
| 95 |
- req->sadb_x_ipsecrequest_len += sl * 2; |
| 96 |
+ len = hostcpy(req + 1, src); |
| 97 |
+ req->sadb_x_ipsecrequest_len += len; |
| 98 |
+ len = hostcpy((char*)(req + 1) + len, dst); |
| 99 |
+ req->sadb_x_ipsecrequest_len += len; |
| 100 |
} |
| 101 |
|
| 102 |
pol->sadb_x_policy_len += PFKEY_LEN(req->sadb_x_ipsecrequest_len); |