⭐ 欢迎来到虫虫下载站! | 📦 资源下载 📁 资源专辑 ℹ️ 关于我们
⭐ 虫虫下载站
📤 上传资源

📄 interfamily-2.6.14.2

📁 Host Identity Protocol on Linux is an implemetation of the Host Identity Protocol (HIP) and the rela
💻 2
📖 第 1 页 / 共 2 页
字号:
🔍
12 
-			local  = xfrm[i]->props.saddr.a4;-			tunnel = 1;++		if (xfrm[i]->props.mode == XFRM_MODE_TUNNEL || xfrm[i]->props.mode == XFRM_MODE_BEET) {+			outer_family = xfrm[i]->props.family;+			beet = (xfrm[i]->props.mode == XFRM_MODE_BEET);++			if(outer_family == AF_INET6){+				remote.in6 = (struct in6_addr*)&xfrm[i]->id.daddr;+				local.in6 = (struct in6_addr*)&xfrm[i]->props.saddr;+			} else if(outer_family == AF_INET){+				remote.in = (struct in_addr*)&xfrm[i]->id.daddr;+				local.in = (struct in_addr*)&xfrm[i]->props.saddr;+			} else+				BUG_ON(1); 		} 		header_len += xfrm[i]->props.header_len; 		trailer_len += xfrm[i]->props.trailer_len; -		if (tunnel) {-			fl_tunnel.fl4_src = local;-			fl_tunnel.fl4_dst = remote;+		if (outer_family) {+			switch(outer_family) {+			case AF_INET:+				fl_tunnel.fl4_dst = remote.in->s_addr;+				fl_tunnel.fl4_src = local.in->s_addr;+				break;+			case AF_INET6:+				ipv6_addr_copy(&fl_tunnel.fl6_dst, remote.in6);+				ipv6_addr_copy(&fl_tunnel.fl6_src, local.in6);+				break;+			default:+				BUG_ON(1);+			} 			err = xfrm_dst_lookup((struct xfrm_dst **)&rt,-					      &fl_tunnel, AF_INET);+					      &fl_tunnel, outer_family); 			if (err) 				goto error;+			/* Without this, the atomic inc below segfaults */+			if (outer_family == AF_INET6) {+				rt->peer = NULL;+				rt_bind_peer(rt,1);+			} 		} else 			dst_hold(&rt->u.dst); 	}@@ -162,6 +190,11 @@ 	}  	xfrm_init_pmtu(dst);+	if (beet && outer_family == AF_INET6) {+		int delta = sizeof(struct ipv6hdr) - sizeof(struct iphdr);+		u32 mtu = dst_mtu(dst);+		xfrm4_update_pmtu(dst, mtu - delta);+	} 	return 0;  error:diff -urN linux-2.6.14.2-beet/net/ipv6/xfrm6_input.c linux-2.6.14.2-interfamily/net/ipv6/xfrm6_input.c--- linux-2.6.14.2-beet/net/ipv6/xfrm6_input.c	2005-12-01 16:10:58.000000000 +0200+++ linux-2.6.14.2-interfamily/net/ipv6/xfrm6_input.c	2005-12-01 15:59:04.000000000 +0200@@ -81,15 +81,33 @@ 		xfrm_vec[xfrm_nr++].xvec = x;  		if (x->props.mode == XFRM_MODE_TUNNEL) {-			if (nexthdr != IPPROTO_IPV6)-				goto drop;-			if (!pskb_may_pull(skb, sizeof(struct ipv6hdr)))-				goto drop;-			if (skb_cloned(skb) &&-			    pskb_expand_head(skb, 0, 0, GFP_ATOMIC))-				goto drop;-			if (x->props.flags & XFRM_STATE_DECAP_DSCP)-				ipv6_copy_dscp(skb->nh.ipv6h, skb->h.ipv6h);+			if (x->sel.family == AF_INET6) {++				if (nexthdr != IPPROTO_IPV6)+					goto drop;+				if (!pskb_may_pull(skb, sizeof(struct ipv6hdr)))+					goto drop;+				if (skb_cloned(skb) &&+				    pskb_expand_head(skb, 0, 0, GFP_ATOMIC))+					goto drop;+				if (x->props.flags & XFRM_STATE_DECAP_DSCP)+					ipv6_copy_dscp(skb->nh.ipv6h, skb->h.ipv6h);+			} else if (x->sel.family == AF_INET) {++				if (nexthdr != IPPROTO_IPIP)+					goto drop;+				if (!pskb_may_pull(skb, sizeof(struct iphdr)))+					goto drop;+				if (skb_cloned(skb) &&+				    pskb_expand_head(skb, 0, 0, GFP_ATOMIC))+					goto drop;+				if (x->props.flags & XFRM_STATE_DECAP_DSCP)+					ipv4_copy_dscp(skb->nh.iph, skb->h.ipiph);++				memset(&(IPCB(skb)->opt), 0, sizeof(struct ip_options));+				skb->protocol = htons(ETH_P_IP);+			}+ 			if (!(x->props.flags & XFRM_STATE_NOECN)) 				ipip6_ecn_decapsulate(skb); 			skb->mac.raw = memmove(skb->data - skb->mac_len,@@ -98,7 +116,15 @@ 			decaps = 1; 			break; 		} else if (x->props.mode == XFRM_MODE_BEET) {-			int size = sizeof(struct ipv6hdr);+			int size = (x->sel.family == AF_INET) ? sizeof(struct iphdr) : sizeof(struct ipv6hdr);+			int delta = sizeof(struct ipv6hdr) - sizeof(struct iphdr);+			u8 proto = skb->nh.ipv6h->nexthdr, hops = skb->nh.ipv6h->hop_limit;+			if (x->sel.family == AF_INET) {+				/* Inner = IPv4, therefore the IPhdr must be shrunk */+				/* Inner = 4, Outer = 6 */+				skb->nh.raw += delta;+			}+ 			if (skb_cloned(skb) && 			    pskb_expand_head(skb, 0, 0, GFP_ATOMIC)) 				goto drop;@@ -112,10 +138,27 @@  			if (x->sel.family == AF_INET6) { 				struct ipv6hdr *ip6h = skb->nh.ipv6h;-				ip6h = skb->nh.ipv6h; 				ip6h->payload_len = htons(skb->len - size); 				ipv6_addr_copy(&ip6h->daddr, (struct in6_addr *) &x->sel.daddr.a6); 				ipv6_addr_copy(&ip6h->saddr, (struct in6_addr *) &x->sel.saddr.a6);+			} else if (x->sel.family == AF_INET) {+				struct iphdr *iph = (struct iphdr*) skb->nh.raw;+				iph->ihl = (sizeof(struct iphdr) >> 2);+				iph->version = 4;+				iph->tos = 0;+				iph->id = 0;+				iph->frag_off = 0;+				iph->ttl = hops;+				iph->protocol = proto;+				iph->daddr = x->sel.daddr.a4;+				iph->saddr = x->sel.saddr.a4;+				iph->tot_len = htons(skb->len);+				ip_send_check(iph);+				skb->protocol = htons(ETH_P_IP);+				skb->h.raw = skb->nh.raw;++				dst_release(skb->dst);+				skb->dst = NULL; 			} else 				BUG_ON(1); diff -urN linux-2.6.14.2-beet/net/ipv6/xfrm6_output.c linux-2.6.14.2-interfamily/net/ipv6/xfrm6_output.c--- linux-2.6.14.2-beet/net/ipv6/xfrm6_output.c	2005-12-01 16:10:58.000000000 +0200+++ linux-2.6.14.2-interfamily/net/ipv6/xfrm6_output.c	2005-12-01 15:59:04.000000000 +0200@@ -44,7 +44,7 @@ 	iph = skb->nh.ipv6h;  	if (x->props.mode == XFRM_MODE_TRANSPORT ||-	    x->props.mode == XFRM_MODE_BEET) {+	    (x->props.mode == XFRM_MODE_BEET && x->props.family == AF_INET6)) { 		u8 *prevhdr; 		int hdr_len; @@ -52,30 +52,58 @@ 		skb->nh.raw = prevhdr - x->props.header_len; 		skb->h.raw = skb->data + hdr_len; 		memmove(skb->data, iph, hdr_len);-		if (!x->props.mode)+		if (x->props.mode == XFRM_MODE_TRANSPORT) 			return; 	}  	skb->nh.raw = skb->data; 	top_iph = skb->nh.ipv6h;-	skb->nh.raw = &top_iph->nexthdr;-	skb->h.ipv6h = top_iph + 1;-	if(x->props.mode == XFRM_MODE_TUNNEL) {-		top_iph->version = 6;-		top_iph->priority = iph->priority;-		top_iph->flow_lbl[0] = iph->flow_lbl[0];-		top_iph->flow_lbl[1] = iph->flow_lbl[1];-		top_iph->flow_lbl[2] = iph->flow_lbl[2];-		dsfield = ipv6_get_dsfield(top_iph);-		dsfield = INET_ECN_encapsulate(dsfield, dsfield);-		if (x->props.flags & XFRM_STATE_NOECN)-			dsfield &= ~INET_ECN_MASK;-		ipv6_change_dsfield(top_iph, 0, dsfield);-		top_iph->nexthdr = IPPROTO_IPV6; -		top_iph->hop_limit = dst_metric(dst->child, RTAX_HOPLIMIT);-	}-	ipv6_addr_copy(&top_iph->saddr, (struct in6_addr *)&x->props.saddr);-	ipv6_addr_copy(&top_iph->daddr, (struct in6_addr *)&x->id.daddr);+	if (x->props.family == AF_INET6) {+		skb->nh.raw = &top_iph->nexthdr;+		skb->h.ipv6h = top_iph + 1;+		ipv6_addr_copy(&top_iph->saddr, (struct in6_addr *)&x->props.saddr);+		ipv6_addr_copy(&top_iph->daddr, (struct in6_addr *)&x->id.daddr);+		if (x->props.mode == XFRM_MODE_TUNNEL) {+			top_iph->version = 6;+			top_iph->priority = iph->priority;+			top_iph->flow_lbl[0] = iph->flow_lbl[0];+			top_iph->flow_lbl[1] = iph->flow_lbl[1];+			top_iph->flow_lbl[2] = iph->flow_lbl[2];+			dsfield = ipv6_get_dsfield(top_iph);+			dsfield = INET_ECN_encapsulate(dsfield, dsfield);+			if (x->props.flags & XFRM_STATE_NOECN)+				dsfield &= ~INET_ECN_MASK;+			ipv6_change_dsfield(top_iph, 0, dsfield);+			top_iph->nexthdr = IPPROTO_IPV6; +			top_iph->hop_limit = dst_metric(dst->child, RTAX_HOPLIMIT);+		}+	} else if (x->props.family == AF_INET) {+		/* Inner = 6, Outer = 4 : changing the external IP hdr+		 * to the outer addresses+		 */+		struct iphdr *top_iphv4;+		u8 protocol = iph->nexthdr;+		if (x->props.mode == XFRM_MODE_BEET) {+			int delta = sizeof(struct ipv6hdr) - sizeof(struct iphdr);+			skb->nh.raw = skb_pull(skb, delta);+		}+		top_iphv4 = skb->nh.iph;+		skb->h.raw = skb->data + x->props.header_len;+		top_iphv4->ihl = (sizeof(struct iphdr) >> 2);+		top_iphv4->version = 4;+		top_iphv4->id = 0;+		top_iphv4->frag_off = htons(IP_DF);+		top_iphv4->ttl = dst_metric(dst->child, RTAX_HOPLIMIT);+		top_iphv4->saddr = x->props.saddr.a4;+		top_iphv4->daddr = x->id.daddr.a4;+		if (x->props.mode == XFRM_MODE_TUNNEL)+			top_iphv4->protocol = IPPROTO_IPV6;+		else {+			skb->h.raw += top_iphv4->ihl*4;+			top_iphv4->protocol = protocol;+		}+	} else+		BUG_ON(1); }  static int xfrm6_tunnel_check_size(struct sk_buff *skb)diff -urN linux-2.6.14.2-beet/net/ipv6/xfrm6_policy.c linux-2.6.14.2-interfamily/net/ipv6/xfrm6_policy.c--- linux-2.6.14.2-beet/net/ipv6/xfrm6_policy.c	2005-11-11 07:33:12.000000000 +0200+++ linux-2.6.14.2-interfamily/net/ipv6/xfrm6_policy.c	2005-12-01 15:59:04.000000000 +0200@@ -26,6 +26,8 @@  static struct xfrm_type_map xfrm6_type_map = { .lock = RW_LOCK_UNLOCKED }; +static void xfrm6_update_pmtu(struct dst_entry *dst, u32 mtu);+ static int xfrm6_dst_lookup(struct xfrm_dst **dst, struct flowi *fl) { 	int err = 0;@@ -74,16 +76,19 @@ 	struct dst_entry *dst, *dst_prev; 	struct rt6_info *rt0 = (struct rt6_info*)(*dst_p); 	struct rt6_info *rt  = rt0;-	struct in6_addr *remote = &fl->fl6_dst;-	struct in6_addr *local  = &fl->fl6_src; 	struct flowi fl_tunnel = { 		.nl_u = { 			.ip6_u = {-				.saddr = *local,-				.daddr = *remote+				.saddr = fl->fl6_src,+				.daddr = fl->fl6_dst 			} 		} 	};+	union {+		struct in6_addr *in6;+		struct in_addr *in;+	} remote, local;+	unsigned short outer_family = 0, beet = 0; 	int i; 	int err = 0; 	int header_len = 0;@@ -95,7 +100,6 @@ 	for (i = 0; i < nx; i++) { 		struct dst_entry *dst1 = dst_alloc(&xfrm6_dst_ops); 		struct xfrm_dst *xdst;-		int tunnel = 0;  		if (unlikely(dst1 == NULL)) { 			err = -ENOBUFS;@@ -118,19 +122,35 @@  		dst1->next = dst_prev; 		dst_prev = dst1;-		if (xfrm[i]->props.mode) {-			remote = (struct in6_addr*)&xfrm[i]->id.daddr;-			local  = (struct in6_addr*)&xfrm[i]->props.saddr;-			tunnel = 1;+		if (xfrm[i]->props.mode == XFRM_MODE_TUNNEL || xfrm[i]->props.mode == XFRM_MODE_BEET) {+			outer_family = xfrm[i]->props.family;+			beet = (xfrm[i]->props.mode == XFRM_MODE_BEET);+			if (outer_family == AF_INET6) {+				remote.in6 = (struct in6_addr*)&xfrm[i]->id.daddr;+				local.in6 = (struct in6_addr*)&xfrm[i]->props.saddr;+			} else if(outer_family == AF_INET){+				remote.in = (struct in_addr*)&xfrm[i]->id.daddr;+				local.in = (struct in_addr*)&xfrm[i]->props.saddr;+			} 		} 		header_len += xfrm[i]->props.header_len; 		trailer_len += xfrm[i]->props.trailer_len; -		if (tunnel) {-			ipv6_addr_copy(&fl_tunnel.fl6_dst, remote);-			ipv6_addr_copy(&fl_tunnel.fl6_src, local);+		if (outer_family) {+			switch(outer_family) {+			case AF_INET:+				fl_tunnel.fl4_dst = remote.in->s_addr;+				fl_tunnel.fl4_src = local.in->s_addr;+				break;+			case AF_INET6:+				ipv6_addr_copy(&fl_tunnel.fl6_dst, remote.in6);+				ipv6_addr_copy(&fl_tunnel.fl6_src, local.in6);+				break;+			default:+				BUG_ON(1);+			} 			err = xfrm_dst_lookup((struct xfrm_dst **) &rt,-					      &fl_tunnel, AF_INET6);+					      &fl_tunnel, outer_family); 			if (err) 				goto error; 		} else@@ -181,6 +201,11 @@ 	}  	xfrm_init_pmtu(dst);+	if (beet && outer_family == AF_INET) {+		int delta = sizeof(struct ipv6hdr) - sizeof(struct iphdr);+		u32 mtu = dst_mtu(dst);+		xfrm6_update_pmtu(dst, mtu + delta);+	} 	return 0;  error:diff -urN linux-2.6.14.2-beet/net/key/af_key.c linux-2.6.14.2-interfamily/net/key/af_key.c--- linux-2.6.14.2-beet/net/key/af_key.c	2005-12-01 16:10:58.000000000 +0200+++ linux-2.6.14.2-interfamily/net/key/af_key.c	2005-12-01 15:59:04.000000000 +0200@@ -1670,35 +1670,35 @@ 		if (!t->reqid && !(t->reqid = gen_reqid())) 			return -ENOBUFS; 	}--	/* addresses present only in tunnel mode */-	if (t->mode) {-		switch (xp->family) {+/* addresses present in any mode */+	{+		struct sockaddr *sa;+		sa = (struct sockaddr *)(rq+1);+		switch(sa->sa_family) { 		case AF_INET:-			sin = (void*)(rq+1);-			if (sin->sin_family != AF_INET)-				return -EINVAL;+			sin = (struct sockaddr_in *)sa; 			t->saddr.a4 = sin->sin_addr.s_addr; 			sin++; 			if (sin->sin_family != AF_INET) 				return -EINVAL; 			t->id.daddr.a4 = sin->sin_addr.s_addr;+ 			break; #if defined(CONFIG_IPV6) || defined(CONFIG_IPV6_MODULE) 		case AF_INET6:-			sin6 = (void *)(rq+1);-			if (sin6->sin6_family != AF_INET6)-				return -EINVAL;+			sin6 = (struct sockaddr_in6 *)sa; 			memcpy(t->saddr.a6, &sin6->sin6_addr, sizeof(struct in6_addr)); 			sin6++; 			if (sin6->sin6_family != AF_INET6) 				return -EINVAL; 			memcpy(t->id.daddr.a6, &sin6->sin6_addr, sizeof(struct in6_addr));+ 			break; #endif 		default: 			return -EINVAL; 		}+		t->outer_family = sa->sa_family; 	} 	/* No way to set this via kame pfkey */ 	t->aalgos = t->ealgos = t->calgos = ~0;diff -urN linux-2.6.14.2-beet/net/xfrm/xfrm_policy.c linux-2.6.14.2-interfamily/net/xfrm/xfrm_policy.c--- linux-2.6.14.2-beet/net/xfrm/xfrm_policy.c	2005-11-11 07:33:12.000000000 +0200+++ linux-2.6.14.2-interfamily/net/xfrm/xfrm_policy.c	2005-12-01 15:59:04.000000000 +0200@@ -646,6 +646,7 @@ 		if (tmpl->mode) { 			remote = &tmpl->id.daddr; 			local = &tmpl->saddr;+			family = tmpl->outer_family; 		}  		x = xfrm_state_find(remote, local, fl, tmpl, policy, &error, family);diff -urN linux-2.6.14.2-beet/net/xfrm/xfrm_user.c linux-2.6.14.2-interfamily/net/xfrm/xfrm_user.c--- linux-2.6.14.2-beet/net/xfrm/xfrm_user.c	2005-12-01 16:10:58.000000000 +0200+++ linux-2.6.14.2-interfamily/net/xfrm/xfrm_user.c	2005-12-01 15:59:04.000000000 +0200@@ -610,7 +610,6 @@ 	int i;  	xp->xfrm_nr = nr;-	xp->family = ut->family; 	for (i = 0; i < nr; i++, ut++) { 		struct xfrm_tmpl *t = &xp->xfrm_vec[i]; @@ -624,6 +623,7 @@ 		t->aalgos = ut->aalgos; 		t->ealgos = ut->ealgos; 		t->calgos = ut->calgos;+		t->outer_family = ut->family; 	} }
12

⌨️ 快捷键说明

复制代码 Ctrl + C
搜索代码 Ctrl + F
全屏模式 F11
切换主题 Ctrl + Shift + D
显示快捷键 ?
增大字号 Ctrl + =
减小字号 Ctrl + -