]>
Commit | Line | Data |
---|---|---|
b4f8d26c MT |
1 | packaging/utils/nattpatch 2.6 |
2 | --- /dev/null Tue Mar 11 13:02:56 2003 | |
3 | +++ nat-t/include/net/xfrmudp.h Mon Feb 9 13:51:03 2004 | |
4 | @@ -0,0 +1,10 @@ | |
5 | +/* | |
6 | + * pointer to function for type that xfrm4_input wants, to permit | |
7 | + * decoupling of XFRM from udp.c | |
8 | + */ | |
9 | +#define HAVE_XFRM4_UDP_REGISTER | |
10 | + | |
11 | +typedef int (*xfrm4_rcv_encap_t)(struct sk_buff *skb, __u16 encap_type); | |
12 | +extern int udp4_register_esp_rcvencap(xfrm4_rcv_encap_t func | |
13 | + , xfrm4_rcv_encap_t *oldfunc); | |
14 | +extern int udp4_unregister_esp_rcvencap(xfrm4_rcv_encap_t func); | |
15 | --- /distros/kernel/linux-2.6.11.2/net/ipv4/Kconfig 2005-03-09 03:12:33.000000000 -0500 | |
16 | +++ swan26/net/ipv4/Kconfig 2005-04-04 18:46:13.000000000 -0400 | |
17 | @@ -351,2 +351,8 @@ | |
18 | ||
19 | +config IPSEC_NAT_TRAVERSAL | |
20 | + bool "IPSEC NAT-Traversal (KLIPS compatible)" | |
21 | + depends on INET | |
22 | + ---help--- | |
23 | + Includes support for RFC3947/RFC3948 NAT-Traversal of ESP over UDP. | |
24 | + | |
25 | config IP_TCPDIAG | |
26 | --- plain26/net/ipv4/udp.c.orig 2006-01-02 22:21:10.000000000 -0500 | |
27 | +++ plain26/net/ipv4/udp.c 2006-01-12 20:18:57.000000000 -0500 | |
28 | @@ -110,2 +110,3 @@ | |
29 | #include <net/xfrm.h> | |
30 | +#include <net/xfrmudp.h> | |
31 | ||
32 | @@ -894,6 +897,44 @@ | |
33 | sk_common_release(sk); | |
34 | } | |
35 | ||
36 | +#if defined(CONFIG_XFRM) || defined(CONFIG_IPSEC_NAT_TRAVERSAL) | |
37 | + | |
38 | +/* if XFRM isn't a module, then register it directly. */ | |
39 | +#if !defined(CONFIG_XFRM_MODULE) | |
40 | +static xfrm4_rcv_encap_t xfrm4_rcv_encap_func = xfrm4_rcv_encap; | |
41 | +#else | |
42 | +static xfrm4_rcv_encap_t xfrm4_rcv_encap_func = NULL; | |
43 | +#endif | |
44 | + | |
45 | +static xfrm4_rcv_encap_t xfrm4_rcv_encap_func; | |
46 | + | |
47 | +int udp4_register_esp_rcvencap(xfrm4_rcv_encap_t func | |
48 | + , xfrm4_rcv_encap_t *oldfunc) | |
49 | +{ | |
50 | + if(oldfunc != NULL) { | |
51 | + *oldfunc = xfrm4_rcv_encap_func; | |
52 | + } | |
53 | + | |
54 | +#if 0 | |
55 | + if(xfrm4_rcv_encap_func != NULL) | |
56 | + return -1; | |
57 | +#endif | |
58 | + | |
59 | + xfrm4_rcv_encap_func = func; | |
60 | + return 0; | |
61 | +} | |
62 | + | |
63 | +int udp4_unregister_esp_rcvencap(xfrm4_rcv_encap_t func) | |
64 | +{ | |
65 | + if(xfrm4_rcv_encap_func != func) | |
66 | + return -1; | |
67 | + | |
68 | + xfrm4_rcv_encap_func = NULL; | |
69 | + return 0; | |
70 | +} | |
71 | +#endif /* CONFIG_XFRM || defined(CONFIG_IPSEC_NAT_TRAVERSAL)*/ | |
72 | + | |
73 | + | |
74 | /* return: | |
75 | * 1 if the the UDP system should process it | |
76 | * 0 if we should drop this packet | |
77 | @@ -901,9 +940,9 @@ | |
78 | */ | |
79 | static int udp_encap_rcv(struct sock * sk, struct sk_buff *skb) | |
80 | { | |
81 | -#ifndef CONFIG_XFRM | |
82 | +#if !defined(CONFIG_XFRM) && !defined(CONFIG_IPSEC_NAT_TRAVERSAL) | |
83 | return 1; | |
84 | -#else | |
85 | +#else /* either CONFIG_XFRM or CONFIG_IPSEC_NAT_TRAVERSAL */ | |
86 | struct udp_sock *up = udp_sk(sk); | |
87 | struct udphdr *uh = skb->h.uh; | |
88 | struct iphdr *iph; | |
89 | @@ -1021,10 +1060,14 @@ | |
90 | return 0; | |
91 | } | |
92 | if (ret < 0) { | |
93 | - /* process the ESP packet */ | |
94 | - ret = xfrm4_rcv_encap(skb, up->encap_type); | |
95 | - UDP_INC_STATS_BH(UDP_MIB_INDATAGRAMS); | |
96 | - return -ret; | |
97 | + if(xfrm4_rcv_encap_func != NULL) { | |
98 | + ret = (*xfrm4_rcv_encap_func)(skb, up->encap_type); | |
99 | + UDP_INC_STATS_BH(UDP_MIB_INDATAGRAMS); | |
100 | + } else { | |
101 | + UDP_INC_STATS_BH(UDP_MIB_INERRORS); | |
102 | + ret = 1; | |
103 | + } | |
104 | + return ret; | |
105 | } | |
106 | /* FALLTHROUGH -- it's a UDP Packet */ | |
107 | } | |
108 | @@ -1114,7 +1157,6 @@ | |
109 | /* | |
110 | * All we need to do is get the socket, and then do a checksum. | |
111 | */ | |
112 | - | |
113 | int udp_rcv(struct sk_buff *skb) | |
114 | { | |
115 | struct sock *sk; | |
116 | @@ -1571,3 +1613,9 @@ | |
117 | EXPORT_SYMBOL(udp_proc_register); | |
118 | EXPORT_SYMBOL(udp_proc_unregister); | |
119 | #endif | |
120 | + | |
121 | +#if defined(CONFIG_IPSEC_NAT_TRAVERSAL) | |
122 | +EXPORT_SYMBOL(udp4_register_esp_rcvencap); | |
123 | +EXPORT_SYMBOL(udp4_unregister_esp_rcvencap); | |
124 | +#endif | |
125 | + |