[XFRM]: IPsec tunnel wildcard address support (ee51b1b6) · Commits · 戴 / test

net/ipv4/xfrm4_state.c

+15 −0

Original line number	Diff line number	Diff line
		@@ -42,6 +42,21 @@ __xfrm4_init_tempsel(struct xfrm_state x, struct flowi fl,
		x->props.saddr = tmpl->saddr;
		if (x->props.saddr.a4 == 0)
		x->props.saddr.a4 = saddr->a4;
		if (tmpl->mode && x->props.saddr.a4 == 0) {
		struct rtable *rt;
		struct flowi fl_tunnel = {
		.nl_u = {
		.ip4_u = {
		.daddr = x->id.daddr.a4,
		}
		}
		};
		if (!xfrm_dst_lookup((struct xfrm_dst **)&rt,
		&fl_tunnel, AF_INET)) {
		x->props.saddr.a4 = rt->rt_src;
		dst_release(&rt->u.dst);
		}
		}
		x->props.mode = tmpl->mode;
		x->props.reqid = tmpl->reqid;
		x->props.family = AF_INET;

+17 −0

Original line number	Diff line number	Diff line
		@@ -15,6 +15,7 @@
		#include <linux/pfkeyv2.h>
		#include <linux/ipsec.h>
		#include <net/ipv6.h>
		#include <net/addrconf.h>

		static struct xfrm_state_afinfo xfrm6_state_afinfo;

		@@ -41,6 +42,22 @@ __xfrm6_init_tempsel(struct xfrm_state x, struct flowi fl,
		memcpy(&x->props.saddr, &tmpl->saddr, sizeof(x->props.saddr));
		if (ipv6_addr_any((struct in6_addr*)&x->props.saddr))
		memcpy(&x->props.saddr, saddr, sizeof(x->props.saddr));
		if (tmpl->mode && ipv6_addr_any((struct in6_addr*)&x->props.saddr)) {
		struct rt6_info *rt;
		struct flowi fl_tunnel = {
		.nl_u = {
		.ip6_u = {
		.daddr = (struct in6_addr )daddr,
		}
		}
		};
		if (!xfrm_dst_lookup((struct xfrm_dst **)&rt,
		&fl_tunnel, AF_INET6)) {
		ipv6_get_saddr(&rt->u.dst, (struct in6_addr *)daddr,
		(struct in6_addr *)&x->props.saddr);
		dst_release(&rt->u.dst);
		}
		}
		x->props.mode = tmpl->mode;
		x->props.reqid = tmpl->reqid;
		x->props.family = AF_INET6;