Commit d6ebd145 authored by Kunihiro Ishiguro's avatar Kunihiro Ishiguro Committed by David S. Miller

[IPSEC]: Add ipv6 support to ipsec netlink sockets.

parent 0b7f6302
...@@ -63,10 +63,14 @@ static int verify_newsa_info(struct xfrm_usersa_info *p, ...@@ -63,10 +63,14 @@ static int verify_newsa_info(struct xfrm_usersa_info *p,
case AF_INET: case AF_INET:
break; break;
case AF_INET6: /* XXX */ case AF_INET6:
#if defined(CONFIG_IPV6) || defined(CONFIG_IPV6_MODULE)
break;
#else
err = -EAFNOSUPPORT; err = -EAFNOSUPPORT;
goto out;
#endif
/* fallthru */
default: default:
goto out; goto out;
}; };
...@@ -171,7 +175,19 @@ static struct xfrm_state *xfrm_state_construct(struct xfrm_usersa_info *p, ...@@ -171,7 +175,19 @@ static struct xfrm_state *xfrm_state_construct(struct xfrm_usersa_info *p,
goto error; goto error;
err = -ENOENT; err = -ENOENT;
switch (x->props.family) {
case AF_INET:
x->type = xfrm_get_type(x->id.proto); x->type = xfrm_get_type(x->id.proto);
break;
#if defined(CONFIG_IPV6) || defined(CONFIG_IPV6_MODULE)
case AF_INET6:
x->type = xfrm6_get_type(x->id.proto);
break;
#endif
default:
x->type = NULL;
break;
}
if (x->type == NULL) if (x->type == NULL)
goto error; goto error;
...@@ -206,8 +222,21 @@ static int xfrm_add_sa(struct sk_buff *skb, struct nlmsghdr *nlh, void **xfrma) ...@@ -206,8 +222,21 @@ static int xfrm_add_sa(struct sk_buff *skb, struct nlmsghdr *nlh, void **xfrma)
if (!x) if (!x)
return err; return err;
switch (x->props.family) {
case AF_INET:
x1 = xfrm_state_lookup(x->props.saddr.xfrm4_addr, x1 = xfrm_state_lookup(x->props.saddr.xfrm4_addr,
x->id.spi, x->id.proto); x->id.spi, x->id.proto);
break;
#if defined(CONFIG_IPV6) || defined(CONFIG_IPV6_MODULE)
case AF_INET6:
x1 = xfrm6_state_lookup((struct in6_addr*)x->props.saddr.a6,
x->id.spi, x->id.proto);
break;
#endif
default:
x1 = NULL;
break;
}
if (x1) { if (x1) {
xfrm_state_put(x); xfrm_state_put(x);
xfrm_state_put(x1); xfrm_state_put(x1);
...@@ -224,7 +253,19 @@ static int xfrm_del_sa(struct sk_buff *skb, struct nlmsghdr *nlh, void **xfrma) ...@@ -224,7 +253,19 @@ static int xfrm_del_sa(struct sk_buff *skb, struct nlmsghdr *nlh, void **xfrma)
struct xfrm_state *x; struct xfrm_state *x;
struct xfrm_usersa_id *p = NLMSG_DATA(nlh); struct xfrm_usersa_id *p = NLMSG_DATA(nlh);
switch (p->family) {
case AF_INET:
x = xfrm_state_lookup(p->saddr.xfrm4_addr, p->spi, p->proto); x = xfrm_state_lookup(p->saddr.xfrm4_addr, p->spi, p->proto);
break;
#if defined(CONFIG_IPV6) || defined(CONFIG_IPV6_MODULE)
case AF_INET6:
x = xfrm6_state_lookup((struct in6_addr*)p->saddr.a6, p->spi, p->proto);
break;
#endif
default:
x = NULL;
break;
}
if (x == NULL) if (x == NULL)
return -ESRCH; return -ESRCH;
...@@ -342,7 +383,19 @@ static int xfrm_get_sa(struct sk_buff *skb, struct nlmsghdr *nlh, void **xfrma) ...@@ -342,7 +383,19 @@ static int xfrm_get_sa(struct sk_buff *skb, struct nlmsghdr *nlh, void **xfrma)
struct sk_buff *resp_skb; struct sk_buff *resp_skb;
int err; int err;
switch (p->family) {
case AF_INET:
x = xfrm_state_lookup(p->saddr.xfrm4_addr, p->spi, p->proto); x = xfrm_state_lookup(p->saddr.xfrm4_addr, p->spi, p->proto);
break;
#if defined(CONFIG_IPV6) || defined(CONFIG_IPV6_MODULE)
case AF_INET6:
x = xfrm6_state_lookup((struct in6_addr*)p->saddr.a6, p->spi, p->proto);
break;
#endif
default:
x = NULL;
break;
}
err = -ESRCH; err = -ESRCH;
if (x == NULL) if (x == NULL)
goto out_noput; goto out_noput;
...@@ -393,9 +446,23 @@ static int xfrm_alloc_userspi(struct sk_buff *skb, struct nlmsghdr *nlh, void ** ...@@ -393,9 +446,23 @@ static int xfrm_alloc_userspi(struct sk_buff *skb, struct nlmsghdr *nlh, void **
err = verify_userspi_info(p); err = verify_userspi_info(p);
if (err) if (err)
goto out_noput; goto out_noput;
switch (p->info.family) {
case AF_INET:
x = xfrm_find_acq(p->info.mode, p->info.reqid, p->info.id.proto, x = xfrm_find_acq(p->info.mode, p->info.reqid, p->info.id.proto,
p->info.sel.daddr.xfrm4_addr, p->info.sel.daddr.xfrm4_addr,
p->info.sel.saddr.xfrm4_addr, 1); p->info.sel.saddr.xfrm4_addr, 1);
break;
#if defined(CONFIG_IPV6) || defined(CONFIG_IPV6_MODULE)
case AF_INET6:
x = xfrm6_find_acq(p->info.mode, p->info.reqid, p->info.id.proto,
(struct in6_addr*)p->info.sel.daddr.a6,
(struct in6_addr*)p->info.sel.saddr.a6, 1);
break;
#endif
default:
x = NULL;
break;
}
err = -ENOENT; err = -ENOENT;
if (x == NULL) if (x == NULL)
goto out_noput; goto out_noput;
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment