📄 beet-ph-patch-v1.0-2.6.15.6
字号:
- if (!top_iph->frag_off)- __ip_select_ident(top_iph, dst, 0);-- top_iph->ttl = dst_metric(dst->child, RTAX_HOPLIMIT);+ skb->nh.raw = skb_push(skb, hdrlen);+ top_iph = skb->nh.iph;+ hdrlen = iph->ihl * 4 - optlen;+ switch (x->props.mode) {+ case XFRM_MODE_TRANSPORT:+ skb->h.raw += hdrlen;+ memmove(top_iph, iph, hdrlen);+ return;+ + case XFRM_MODE_BEET:+ skb->h.raw += hdrlen;+ memmove(top_iph, iph, hdrlen);+ if (unlikely(optlen)) {+ struct ip_beet_phdr *ph;++ BUG_ON(optlen < 0);++ ph = (struct ip_beet_phdr *)skb->h.raw;+ ph->padlen = 4 - (optlen & 4);+ ph->hdrlen = (optlen + ph->padlen + sizeof(*ph)) / 8;+ ph->nexthdr = top_iph->protocol;+ + top_iph->protocol = IPPROTO_BEETPH;+ top_iph->ihl = sizeof(struct iphdr) / 4;+ }+ break;+ + default:+ case XFRM_MODE_TUNNEL:+ top_iph->ihl = 5;+ top_iph->version = 4;+ + /* DS disclosed */+ top_iph->tos = INET_ECN_encapsulate(iph->tos, iph->tos);+ + flags = x->props.flags;+ if (flags & XFRM_STATE_NOECN)+ IP_ECN_clear(top_iph);+ + top_iph->frag_off = (flags & XFRM_STATE_NOPMTUDISC) ?+ 0 : (iph->frag_off & htons(IP_DF));+ if (!top_iph->frag_off)+ __ip_select_ident(top_iph, dst, 0);++ top_iph->ttl = dst_metric(dst->child, RTAX_HOPLIMIT);++ top_iph->protocol = IPPROTO_IPIP;+ memset(&(IPCB(skb)->opt), 0, sizeof(struct ip_options));+ break;+ } top_iph->saddr = x->props.saddr.a4; top_iph->daddr = x->id.daddr.a4;- top_iph->protocol = IPPROTO_IPIP;-- memset(&(IPCB(skb)->opt), 0, sizeof(struct ip_options)); } static int xfrm4_tunnel_check_size(struct sk_buff *skb)@@ -107,7 +142,7 @@ goto error_nolock; } - if (x->props.mode) {+ if (x->props.mode == XFRM_MODE_TUNNEL) { err = xfrm4_tunnel_check_size(skb); if (err) goto error_nolock;diff -urN 2.6.15.6/net/ipv4/xfrm4_tunnel.c beet/net/ipv4/xfrm4_tunnel.c--- 2.6.15.6/net/ipv4/xfrm4_tunnel.c 2006-03-05 21:07:54.000000000 +0200+++ beet/net/ipv4/xfrm4_tunnel.c 2006-03-04 11:42:10.000000000 +0200@@ -85,15 +85,22 @@ static int ipip_init_state(struct xfrm_state *x) {- if (!x->props.mode)- return -EINVAL;- if (x->encap) return -EINVAL; - x->props.header_len = sizeof(struct iphdr);-- return 0;+ switch (x->props.mode) {+ case XFRM_MODE_TRANSPORT:+ return -EINVAL;+ default:+ case XFRM_MODE_TUNNEL:+ x->props.header_len = sizeof(struct iphdr);+ break;+ case XFRM_MODE_BEET:+ x->props.header_len += IPV4_BEET_PHMAXLEN;+ break;+ }+ + return 0; } static void ipip_destroy(struct xfrm_state *x)diff -urN 2.6.15.6/net/ipv6/ah6.c beet/net/ipv6/ah6.c--- 2.6.15.6/net/ipv6/ah6.c 2006-03-05 21:07:54.000000000 +0200+++ beet/net/ipv6/ah6.c 2006-03-11 14:44:56.000000000 +0200@@ -393,7 +393,7 @@ goto error; x->props.header_len = XFRM_ALIGN8(sizeof(struct ipv6_auth_hdr) + ahp->icv_trunc_len);- if (x->props.mode)+ if (x->props.mode == XFRM_MODE_TUNNEL) x->props.header_len += sizeof(struct ipv6hdr); x->data = ahp; diff -urN 2.6.15.6/net/ipv6/esp6.c beet/net/ipv6/esp6.c--- 2.6.15.6/net/ipv6/esp6.c 2006-03-05 21:07:54.000000000 +0200+++ beet/net/ipv6/esp6.c 2006-03-11 14:44:56.000000000 +0200@@ -358,7 +358,7 @@ if (crypto_cipher_setkey(esp->conf.tfm, esp->conf.key, esp->conf.key_len)) goto error; x->props.header_len = sizeof(struct ipv6_esp_hdr) + esp->conf.ivlen;- if (x->props.mode)+ if (x->props.mode == XFRM_MODE_TUNNEL) x->props.header_len += sizeof(struct ipv6hdr); x->data = esp; return 0;diff -urN 2.6.15.6/net/ipv6/ipcomp6.c beet/net/ipv6/ipcomp6.c--- 2.6.15.6/net/ipv6/ipcomp6.c 2006-03-05 21:07:54.000000000 +0200+++ beet/net/ipv6/ipcomp6.c 2006-03-11 14:44:56.000000000 +0200@@ -433,7 +433,7 @@ memset(ipcd, 0, sizeof(*ipcd)); x->props.header_len = 0;- if (x->props.mode)+ if (x->props.mode == XFRM_MODE_TUNNEL) x->props.header_len += sizeof(struct ipv6hdr); down(&ipcomp6_resource_sem);@@ -445,7 +445,7 @@ goto error; up(&ipcomp6_resource_sem); - if (x->props.mode) {+ if (x->props.mode == XFRM_MODE_TUNNEL) { err = ipcomp6_tunnel_attach(x); if (err) goto error_tunnel;diff -urN 2.6.15.6/net/ipv6/xfrm6_input.c beet/net/ipv6/xfrm6_input.c--- 2.6.15.6/net/ipv6/xfrm6_input.c 2006-03-05 21:07:54.000000000 +0200+++ beet/net/ipv6/xfrm6_input.c 2006-03-06 23:56:49.000000000 +0200@@ -80,7 +80,7 @@ xfrm_vec[xfrm_nr++].xvec = x; - if (x->props.mode) { /* XXX */+ if (x->props.mode == XFRM_MODE_TUNNEL) { if (nexthdr != IPPROTO_IPV6) goto drop; if (!pskb_may_pull(skb, sizeof(struct ipv6hdr)))@@ -97,6 +97,30 @@ skb->nh.raw = skb->data; decaps = 1; break;+ } else if (x->props.mode == XFRM_MODE_BEET) {+ int size = sizeof(struct ipv6hdr);+ if (skb_cloned(skb) &&+ pskb_expand_head(skb, 0, 0, GFP_ATOMIC))+ goto drop;++ skb_push(skb, size);+ memmove(skb->data, skb->nh.raw, size);+ skb->nh.raw = skb->data;++ skb->mac.raw = memmove(skb->data - skb->mac_len,+ skb->mac.raw, skb->mac_len);++ if (x->sel.family == AF_INET6) {+ struct ipv6hdr *ip6h = skb->nh.ipv6h;+ ip6h = skb->nh.ipv6h;+ ip6h->payload_len = htons(skb->len - size);+ ipv6_addr_copy(&ip6h->daddr, (struct in6_addr *) &x->sel.daddr.a6);+ ipv6_addr_copy(&ip6h->saddr, (struct in6_addr *) &x->sel.saddr.a6);+ } else+ BUG_ON(1);++ decaps = 1;+ break; } if ((err = xfrm_parse_spi(skb, nexthdr, &spi, &seq)) < 0)diff -urN 2.6.15.6/net/ipv6/xfrm6_output.c beet/net/ipv6/xfrm6_output.c--- 2.6.15.6/net/ipv6/xfrm6_output.c 2006-03-05 21:07:54.000000000 +0200+++ beet/net/ipv6/xfrm6_output.c 2006-03-11 13:54:36.000000000 +0200@@ -42,7 +42,8 @@ skb_push(skb, x->props.header_len); iph = skb->nh.ipv6h; - if (!x->props.mode) {+ if (x->props.mode == XFRM_MODE_TRANSPORT ||+ x->props.mode == XFRM_MODE_BEET) { u8 *prevhdr; int hdr_len; @@ -50,26 +51,28 @@ skb->nh.raw = prevhdr - x->props.header_len; skb->h.raw = skb->data + hdr_len; memmove(skb->data, iph, hdr_len);- return;+ if (x->props.mode == XFRM_MODE_TRANSPORT)+ return; } skb->nh.raw = skb->data; top_iph = skb->nh.ipv6h; skb->nh.raw = &top_iph->nexthdr; skb->h.ipv6h = top_iph + 1;-- top_iph->version = 6;- top_iph->priority = iph->priority;- top_iph->flow_lbl[0] = iph->flow_lbl[0];- top_iph->flow_lbl[1] = iph->flow_lbl[1];- top_iph->flow_lbl[2] = iph->flow_lbl[2];- dsfield = ipv6_get_dsfield(top_iph);- dsfield = INET_ECN_encapsulate(dsfield, dsfield);- if (x->props.flags & XFRM_STATE_NOECN)- dsfield &= ~INET_ECN_MASK;- ipv6_change_dsfield(top_iph, 0, dsfield);- top_iph->nexthdr = IPPROTO_IPV6; - top_iph->hop_limit = dst_metric(dst->child, RTAX_HOPLIMIT);+ if(x->props.mode == XFRM_MODE_TUNNEL) {+ top_iph->version = 6;+ top_iph->priority = iph->priority;+ top_iph->flow_lbl[0] = iph->flow_lbl[0];+ top_iph->flow_lbl[1] = iph->flow_lbl[1];+ top_iph->flow_lbl[2] = iph->flow_lbl[2];+ dsfield = ipv6_get_dsfield(top_iph);+ dsfield = INET_ECN_encapsulate(dsfield, dsfield);+ if (x->props.flags & XFRM_STATE_NOECN)+ dsfield &= ~INET_ECN_MASK;+ ipv6_change_dsfield(top_iph, 0, dsfield);+ top_iph->nexthdr = IPPROTO_IPV6; + top_iph->hop_limit = dst_metric(dst->child, RTAX_HOPLIMIT);+ } ipv6_addr_copy(&top_iph->saddr, (struct in6_addr *)&x->props.saddr); ipv6_addr_copy(&top_iph->daddr, (struct in6_addr *)&x->id.daddr); }@@ -104,7 +107,7 @@ goto error_nolock; } - if (x->props.mode) {+ if (x->props.mode == XFRM_MODE_TUNNEL) { err = xfrm6_tunnel_check_size(skb); if (err) goto error_nolock;diff -urN 2.6.15.6/net/key/af_key.c beet/net/key/af_key.c--- 2.6.15.6/net/key/af_key.c 2006-03-05 21:07:54.000000000 +0200+++ beet/net/key/af_key.c 2006-03-11 14:44:56.000000000 +0200@@ -1074,7 +1074,8 @@ /* Nobody uses this, but we try. */ x->sel.family = pfkey_sadb_addr2xfrm_addr(addr, &x->sel.saddr); x->sel.prefixlen_s = addr->sadb_address_prefixlen;- }+ } else+ x->sel.family = x->props.family; /* Conservative */ if (ext_hdrs[SADB_X_EXT_NAT_T_TYPE-1]) { struct sadb_x_nat_t_type* n_type;diff -urN 2.6.15.6/net/xfrm/xfrm_user.c beet/net/xfrm/xfrm_user.c--- 2.6.15.6/net/xfrm/xfrm_user.c 2006-03-05 21:07:54.000000000 +0200+++ beet/net/xfrm/xfrm_user.c 2006-03-11 14:44:56.000000000 +0200@@ -148,8 +148,9 @@ err = -EINVAL; switch (p->mode) {- case 0:- case 1:+ case XFRM_MODE_TRANSPORT:+ case XFRM_MODE_TUNNEL:+ case XFRM_MODE_BEET: break; default:@@ -609,6 +610,7 @@ int i; xp->xfrm_nr = nr;+ xp->family = ut->family; for (i = 0; i < nr; i++, ut++) { struct xfrm_tmpl *t = &xp->xfrm_vec[i]; ⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -