version 1.129.4.1, 2005/02/12 18:17:54 |
version 1.134.2.2, 2005/04/28 10:53:40 |
Line 932 udp_ctlinput(int cmd, struct sockaddr *s |
|
Line 932 udp_ctlinput(int cmd, struct sockaddr *s |
|
} |
} |
|
|
int |
int |
udp_ctloutput(op, so, level, optname, mp) |
udp_ctloutput(op, so, level, optname, mp) |
int op; |
int op; |
struct socket *so; |
struct socket *so; |
int level, optname; |
int level, optname; |
Line 982 udp_ctloutput(op, so, level, optname, mp |
|
Line 982 udp_ctloutput(op, so, level, optname, mp |
|
error = EINVAL; |
error = EINVAL; |
goto end; |
goto end; |
} |
} |
|
|
switch(*mtod(m, int *)) { |
switch(*mtod(m, int *)) { |
#ifdef IPSEC_NAT_T |
#ifdef IPSEC_NAT_T |
case 0: |
case 0: |
Line 993 udp_ctloutput(op, so, level, optname, mp |
|
Line 993 udp_ctloutput(op, so, level, optname, mp |
|
inp->inp_flags &= ~INP_ESPINUDP_ALL; |
inp->inp_flags &= ~INP_ESPINUDP_ALL; |
inp->inp_flags |= INP_ESPINUDP; |
inp->inp_flags |= INP_ESPINUDP; |
break; |
break; |
|
|
case UDP_ENCAP_ESPINUDP_NON_IKE: |
case UDP_ENCAP_ESPINUDP_NON_IKE: |
inp->inp_flags &= ~INP_ESPINUDP_ALL; |
inp->inp_flags &= ~INP_ESPINUDP_ALL; |
inp->inp_flags |= INP_ESPINUDP_NON_IKE; |
inp->inp_flags |= INP_ESPINUDP_NON_IKE; |
Line 1017 udp_ctloutput(op, so, level, optname, mp |
|
Line 1017 udp_ctloutput(op, so, level, optname, mp |
|
error = EINVAL; |
error = EINVAL; |
goto end; |
goto end; |
break; |
break; |
} |
} |
|
|
end: |
end: |
splx(s); |
splx(s); |
return error; |
return error; |
} |
} |
|
|
|
|
int |
int |
udp_output(struct mbuf *m, ...) |
udp_output(struct mbuf *m, ...) |
Line 1334 SYSCTL_SETUP(sysctl_net_inet_udp_setup, |
|
Line 1334 SYSCTL_SETUP(sysctl_net_inet_udp_setup, |
|
NULL, 0, &udp_do_loopback_cksum, 0, |
NULL, 0, &udp_do_loopback_cksum, 0, |
CTL_NET, PF_INET, IPPROTO_UDP, UDPCTL_LOOPBACKCKSUM, |
CTL_NET, PF_INET, IPPROTO_UDP, UDPCTL_LOOPBACKCKSUM, |
CTL_EOL); |
CTL_EOL); |
|
sysctl_createv(clog, 0, NULL, NULL, |
|
CTLFLAG_PERMANENT, |
|
CTLTYPE_STRUCT, "pcblist", |
|
SYSCTL_DESCR("UDP protocol control block list"), |
|
sysctl_inpcblist, 0, &udbtable, 0, |
|
CTL_NET, PF_INET, IPPROTO_UDP, CTL_CREATE, |
|
CTL_EOL); |
} |
} |
#endif |
#endif |
|
|
Line 1358 udp4_espinudp(m, off, src, so) |
|
Line 1365 udp4_espinudp(m, off, src, so) |
|
size_t iphdrlen; |
size_t iphdrlen; |
struct ip *ip; |
struct ip *ip; |
struct mbuf *n; |
struct mbuf *n; |
|
struct m_tag *tag; |
|
struct udphdr *udphdr; |
|
u_int16_t sport, dport; |
|
|
/* |
/* |
* Collapse the mbuf chain if the first mbuf is too short |
* Collapse the mbuf chain if the first mbuf is too short |
* The longest case is: UDP + non ESP marker + ESP |
* The longest case is: UDP + non ESP marker + ESP |
*/ |
*/ |
Line 1374 udp4_espinudp(m, off, src, so) |
|
Line 1384 udp4_espinudp(m, off, src, so) |
|
} |
} |
} |
} |
|
|
len = m->m_len - off; |
len = m->m_len - off; |
data = mtod(m, caddr_t) + off; |
data = mtod(m, caddr_t) + off; |
inp = sotoinpcb(so); |
inp = sotoinpcb(so); |
|
|
Line 1383 udp4_espinudp(m, off, src, so) |
|
Line 1393 udp4_espinudp(m, off, src, so) |
|
return 1; |
return 1; |
} |
} |
|
|
/* |
/* |
* Check that the payload is long enough to hold |
* Check that the payload is long enough to hold |
* an ESP header and compute the length of encapsulation |
* an ESP header and compute the length of encapsulation |
* header to remove |
* header to remove |
*/ |
*/ |
if (inp->inp_flags & INP_ESPINUDP) { |
if (inp->inp_flags & INP_ESPINUDP) { |
u_int32_t *st = (u_int32_t *)data; |
u_int32_t *st = (u_int32_t *)data; |
Line 1403 udp4_espinudp(m, off, src, so) |
|
Line 1413 udp4_espinudp(m, off, src, so) |
|
if ((len <= sizeof(u_int64_t) + sizeof(struct esp)) |
if ((len <= sizeof(u_int64_t) + sizeof(struct esp)) |
|| (*st != 0)) |
|| (*st != 0)) |
return 0; /* Normal UDP processing */ |
return 0; /* Normal UDP processing */ |
|
|
skip = sizeof(struct udphdr) + sizeof(u_int64_t); |
skip = sizeof(struct udphdr) + sizeof(u_int64_t); |
} |
} |
|
|
/* |
/* |
|
* Get the UDP ports. They are handled in network |
|
* order everywhere in IPSEC_NAT_T code. |
|
*/ |
|
udphdr = (struct udphdr *)(data - skip); |
|
sport = udphdr->uh_sport; |
|
dport = udphdr->uh_dport; |
|
|
|
/* |
* Remove the UDP header (and possibly the non ESP marker) |
* Remove the UDP header (and possibly the non ESP marker) |
* IP header lendth is iphdrlen |
* IP header lendth is iphdrlen |
* Before: |
* Before: |
* <--- off ---> |
* <--- off ---> |
* +----+------+-----+ |
* +----+------+-----+ |
* | IP | UDP | ESP | |
* | IP | UDP | ESP | |
Line 1431 udp4_espinudp(m, off, src, so) |
|
Line 1449 udp4_espinudp(m, off, src, so) |
|
ip->ip_p = IPPROTO_ESP; |
ip->ip_p = IPPROTO_ESP; |
|
|
/* |
/* |
* Copy the mbuf to avoid multiple free, as both |
* Copy the mbuf to avoid multiple free, as both |
* esp4_input (which we call) and udp_input (which |
* esp4_input (which we call) and udp_input (which |
* called us) free the mbuf. |
* called us) free the mbuf. |
*/ |
*/ |
if ((n = m_dup(m, 0, M_COPYALL, M_DONTWAIT)) == NULL) { |
if ((n = m_dup(m, 0, M_COPYALL, M_DONTWAIT)) == NULL) { |
Line 1440 udp4_espinudp(m, off, src, so) |
|
Line 1458 udp4_espinudp(m, off, src, so) |
|
return 0; |
return 0; |
} |
} |
|
|
|
/* |
|
* Add a PACKET_TAG_IPSEC_NAT_T_PORT tag to remember |
|
* the source UDP port. This is required if we want |
|
* to select the right SPD for multiple hosts behind |
|
* same NAT |
|
*/ |
|
if ((tag = m_tag_get(PACKET_TAG_IPSEC_NAT_T_PORTS, |
|
sizeof(sport) + sizeof(dport), M_DONTWAIT)) == NULL) { |
|
printf("udp4_espinudp: m_tag_get failed\n"); |
|
return 0; |
|
} |
|
((u_int16_t *)(tag + 1))[0] = sport; |
|
((u_int16_t *)(tag + 1))[1] = dport; |
|
m_tag_prepend(n, tag); |
|
|
esp4_input(n, iphdrlen); |
esp4_input(n, iphdrlen); |
|
|
/* We handled it, it shoudln't be handled by UDP */ |
/* We handled it, it shoudln't be handled by UDP */ |