version 1.183.2.2, 2012/10/30 17:22:47 |
version 1.184, 2011/12/19 11:59:57 |
Line 96 __KERNEL_RCSID(0, "$NetBSD$"); |
|
Line 96 __KERNEL_RCSID(0, "$NetBSD$"); |
|
#include <netinet/udp.h> |
#include <netinet/udp.h> |
#include <netinet/udp_var.h> |
#include <netinet/udp_var.h> |
#include <netinet/udp_private.h> |
#include <netinet/udp_private.h> |
|
#include <netinet/rfc6056.h> |
|
|
#ifdef INET6 |
#ifdef INET6 |
#include <netinet/ip6.h> |
#include <netinet/ip6.h> |
Line 128 __KERNEL_RCSID(0, "$NetBSD$"); |
|
Line 129 __KERNEL_RCSID(0, "$NetBSD$"); |
|
#endif |
#endif |
#endif /* FAST_IPSEC */ |
#endif /* FAST_IPSEC */ |
|
|
|
#ifdef KAME_IPSEC |
|
#include <netinet6/ipsec.h> |
|
#include <netinet6/ipsec_private.h> |
|
#include <netinet6/esp.h> |
|
#include <netkey/key.h> |
|
#endif /* KAME_IPSEC */ |
|
|
#ifdef COMPAT_50 |
#ifdef COMPAT_50 |
#include <compat/sys/socket.h> |
#include <compat/sys/socket.h> |
#endif |
#endif |
Line 626 udp4_sendup(struct mbuf *m, int off /* o |
|
Line 634 udp4_sendup(struct mbuf *m, int off /* o |
|
return; |
return; |
} |
} |
|
|
#if defined(FAST_IPSEC) |
#if defined(KAME_IPSEC) || defined(FAST_IPSEC) |
/* check AH/ESP integrity. */ |
/* check AH/ESP integrity. */ |
if (so != NULL && ipsec4_in_reject_so(m, so)) { |
if (so != NULL && ipsec4_in_reject_so(m, so)) { |
IPSEC_STATINC(IPSEC_STAT_IN_POLVIO); |
IPSEC_STATINC(IPSEC_STAT_IN_POLVIO); |
Line 676 udp6_sendup(struct mbuf *m, int off /* o |
|
Line 684 udp6_sendup(struct mbuf *m, int off /* o |
|
return; |
return; |
in6p = sotoin6pcb(so); |
in6p = sotoin6pcb(so); |
|
|
#if defined(FAST_IPSEC) |
#if defined(KAME_IPSEC) || defined(FAST_IPSEC) |
/* check AH/ESP integrity. */ |
/* check AH/ESP integrity. */ |
if (so != NULL && ipsec6_in_reject_so(m, so)) { |
if (so != NULL && ipsec6_in_reject_so(m, so)) { |
IPSEC6_STATINC(IPSEC_STAT_IN_POLVIO); |
IPSEC6_STATINC(IPSEC_STAT_IN_POLVIO); |
Line 1079 udp_ctloutput(int op, struct socket *so, |
|
Line 1087 udp_ctloutput(int op, struct socket *so, |
|
} |
} |
break; |
break; |
|
|
|
case UDP_RFC6056ALGO: |
|
error = sockopt_getint(sopt, &optval); |
|
if (error) |
|
break; |
|
|
|
error = rfc6056_algo_index_select( |
|
(struct inpcb_hdr *)inp, optval); |
|
break; |
|
|
default: |
default: |
error = ENOPROTOOPT; |
error = ENOPROTOOPT; |
break; |
break; |
Line 1367 sysctl_net_inet_udp_stats(SYSCTLFN_ARGS) |
|
Line 1384 sysctl_net_inet_udp_stats(SYSCTLFN_ARGS) |
|
static void |
static void |
sysctl_net_inet_udp_setup(struct sysctllog **clog) |
sysctl_net_inet_udp_setup(struct sysctllog **clog) |
{ |
{ |
|
const struct sysctlnode *rfc6056_node; |
|
|
sysctl_createv(clog, 0, NULL, NULL, |
sysctl_createv(clog, 0, NULL, NULL, |
CTLFLAG_PERMANENT, |
CTLFLAG_PERMANENT, |
CTLTYPE_NODE, "net", NULL, |
CTLTYPE_NODE, "net", NULL, |
Line 1426 sysctl_net_inet_udp_setup(struct sysctll |
|
Line 1445 sysctl_net_inet_udp_setup(struct sysctll |
|
sysctl_net_inet_udp_stats, 0, NULL, 0, |
sysctl_net_inet_udp_stats, 0, NULL, 0, |
CTL_NET, PF_INET, IPPROTO_UDP, UDPCTL_STATS, |
CTL_NET, PF_INET, IPPROTO_UDP, UDPCTL_STATS, |
CTL_EOL); |
CTL_EOL); |
|
/* RFC6056 subtree */ |
|
sysctl_createv(clog, 0, NULL, &rfc6056_node, |
|
CTLFLAG_PERMANENT, |
|
CTLTYPE_NODE, "rfc6056", |
|
SYSCTL_DESCR("RFC 6056"), |
|
NULL, 0, NULL, 0, |
|
CTL_NET, PF_INET, IPPROTO_UDP, CTL_CREATE, CTL_EOL); |
|
sysctl_createv(clog, 0, &rfc6056_node, NULL, |
|
CTLFLAG_PERMANENT, |
|
CTLTYPE_STRING, "available", |
|
SYSCTL_DESCR("RFC 6056 available algorithms"), |
|
sysctl_rfc6056_available, 0, NULL, RFC6056_MAXLEN, |
|
CTL_CREATE, CTL_EOL); |
|
sysctl_createv(clog, 0, &rfc6056_node, NULL, |
|
CTLFLAG_PERMANENT|CTLFLAG_READWRITE, |
|
CTLTYPE_STRING, "selected", |
|
SYSCTL_DESCR("RFC 6056 selected algorithm"), |
|
sysctl_rfc6056_selected, 0, NULL, RFC6056_MAXLEN, |
|
CTL_CREATE, CTL_EOL); |
} |
} |
#endif |
#endif |
|
|
Line 1573 udp4_espinudp(struct mbuf **mp, int off, |
|
Line 1611 udp4_espinudp(struct mbuf **mp, int off, |
|
esp4_input(n, iphdrlen); |
esp4_input(n, iphdrlen); |
#endif |
#endif |
|
|
/* We handled it, it shouldn't be handled by UDP */ |
/* We handled it, it shoudln't be handled by UDP */ |
return 1; |
return 1; |
} |
} |
#endif |
#endif |