esp4: prepare esp_input_done2 for non-UDP encapsulation (25f6802b) · Commits · 戴 / test

For espintcp encapsulation, we will need to get the source port from the TCP header instead of UDP. Introduce a variable to hold the port. Co-developed-by:

Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by:

Sabrina Dubroca <sd@queasysnail.net> Acked-by:

David S. Miller <davem@davemloft.net> Signed-off-by:

Steffen Klassert <steffen.klassert@secunet.com>

net/ipv4/esp4.c

+14 −2

Original line number	Diff line number	Diff line
		@@ -601,6 +601,18 @@ int esp_input_done2(struct sk_buff *skb, int err)
		if (x->encap) {
		struct xfrm_encap_tmpl *encap = x->encap;
		struct udphdr uh = (void )(skb_network_header(skb) + ihl);
		__be16 source;

		switch (x->encap->encap_type) {
		case UDP_ENCAP_ESPINUDP:
		case UDP_ENCAP_ESPINUDP_NON_IKE:
		source = uh->source;
		break;
		default:
		WARN_ON_ONCE(1);
		err = -EINVAL;
		goto out;
		}

		/*
		* 1) if the NAT-T peer's IP or port changed then
		@@ -609,11 +621,11 @@ int esp_input_done2(struct sk_buff *skb, int err)
		* SRC ports.
		*/
		if (iph->saddr != x->props.saddr.a4 \|\|
		uh->source != encap->encap_sport) {
		source != encap->encap_sport) {
		xfrm_address_t ipaddr;

		ipaddr.a4 = iph->saddr;
		km_new_mapping(x, &ipaddr, uh->source);
		km_new_mapping(x, &ipaddr, source);

		/* XXX: perhaps add an extra
		* policy check here, to see

Admin message