ext->sadb_address_len = PFKEY_LEN(sizeof(*ext) + *len);
}
+/**
+ * add a host to the given sadb_msg
+ */
+static void add_addr_ext(struct sadb_msg *msg, host_t *host, u_int16_t type,
+ u_int8_t proto, u_int8_t prefixlen)
+{
+ struct sadb_address *addr = (struct sadb_address*)PFKEY_EXT_ADD_NEXT(msg);
+ addr->sadb_address_exttype = type;
+ addr->sadb_address_proto = proto;
+ addr->sadb_address_prefixlen = prefixlen;
+ host2ext(host, addr);
+ PFKEY_EXT_ADD(msg, addr);
+}
+
+/**
+ * adds an empty address extension to the given sadb_msg
+ */
+static void add_anyaddr_ext(struct sadb_msg *msg, int family, u_int8_t type)
+{
+ socklen_t len = (family == AF_INET) ? sizeof(struct sockaddr_in) :
+ sizeof(struct sockaddr_in6);
+ struct sadb_address *addr = (struct sadb_address*)PFKEY_EXT_ADD_NEXT(msg);
+ addr->sadb_address_exttype = type;
+ sockaddr_t *saddr = (sockaddr_t*)(addr + 1);
+ saddr->sa_family = family;
+ addr->sadb_address_len = PFKEY_LEN(sizeof(*addr) + len);
+ PFKEY_EXT_ADD(msg, addr);
+}
+
/**
* add udp encap extensions to a sadb_msg
*/
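Review bot: `add_anyaddr_ext` declares `type` as `u_int8_t` while `add_addr_ext` takes `u_int16_t` for the same `sadb_address_exttype` field; the two helpers should agree, e.g. `static void add_anyaddr_ext(struct sadb_msg *msg, int family, u_int16_t type)`. The helper writes only `sa_family` into the sockaddr but counts the full `len` in `sadb_address_len`, so the remaining port and address bytes reach the kernel as whatever the request buffer already held. A comment such as `/* msg must point into a zeroed request buffer with room for this extension */` would record that precondition, which also applies to `add_addr_ext` since neither helper checks the space left in the buffer. Any family other than AF_INET is sized as `sockaddr_in6`, and if the platform's sockaddr has a length member it is not set here, which may matter on BSD-derived PF_KEY stacks.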
unsigned char request[PFKEY_BUFFER_SIZE];
struct sadb_msg *msg, *out;
struct sadb_x_sa2 *sa2;
- struct sadb_address *addr;
struct sadb_spirange *range;
pfkey_msg_t response;
u_int32_t received_spi = 0;
sa2->sadb_x_sa2_reqid = reqid;
PFKEY_EXT_ADD(msg, sa2);
- addr = (struct sadb_address*)PFKEY_EXT_ADD_NEXT(msg);
- addr->sadb_address_exttype = SADB_EXT_ADDRESS_SRC;
- host2ext(src, addr);
- PFKEY_EXT_ADD(msg, addr);
-
- addr = (struct sadb_address*)PFKEY_EXT_ADD_NEXT(msg);
- addr->sadb_address_exttype = SADB_EXT_ADDRESS_DST;
- host2ext(dst, addr);
- PFKEY_EXT_ADD(msg, addr);
+ add_addr_ext(msg, src, SADB_EXT_ADDRESS_SRC, 0, 0);
+ add_addr_ext(msg, dst, SADB_EXT_ADDRESS_DST, 0, 0);
range = (struct sadb_spirange*)PFKEY_EXT_ADD_NEXT(msg);
range->sadb_spirange_exttype = SADB_EXT_SPIRANGE;
struct sadb_msg *msg, *out;
struct sadb_sa *sa;
struct sadb_x_sa2 *sa2;
- struct sadb_address *addr;
struct sadb_lifetime *lft;
struct sadb_key *key;
size_t len;
sa2->sadb_x_sa2_reqid = reqid;
PFKEY_EXT_ADD(msg, sa2);
- addr = (struct sadb_address*)PFKEY_EXT_ADD_NEXT(msg);
- addr->sadb_address_exttype = SADB_EXT_ADDRESS_SRC;
- host2ext(src, addr);
- PFKEY_EXT_ADD(msg, addr);
-
- addr = (struct sadb_address*)PFKEY_EXT_ADD_NEXT(msg);
- addr->sadb_address_exttype = SADB_EXT_ADDRESS_DST;
- host2ext(dst, addr);
- PFKEY_EXT_ADD(msg, addr);
+ add_addr_ext(msg, src, SADB_EXT_ADDRESS_SRC, 0, 0);
+ add_addr_ext(msg, dst, SADB_EXT_ADDRESS_DST, 0, 0);
lft = (struct sadb_lifetime*)PFKEY_EXT_ADD_NEXT(msg);
lft->sadb_lifetime_exttype = SADB_EXT_LIFETIME_SOFT;
unsigned char request[PFKEY_BUFFER_SIZE];
struct sadb_msg *msg, *out;
struct sadb_sa *sa;
- struct sadb_address *addr;
pfkey_msg_t response;
size_t len;
PFKEY_EXT_ADD(msg, sa);
/* the kernel wants a SADB_EXT_ADDRESS_SRC to be present even though
- * it is not used for anything, so we just send dst twice */
- addr = (struct sadb_address*)PFKEY_EXT_ADD_NEXT(msg);
- addr->sadb_address_exttype = SADB_EXT_ADDRESS_SRC;
- host2ext(dst, addr);
- PFKEY_EXT_ADD(msg, addr);
-
- addr = (struct sadb_address*)PFKEY_EXT_ADD_NEXT(msg);
- addr->sadb_address_exttype = SADB_EXT_ADDRESS_DST;
- host2ext(dst, addr);
- PFKEY_EXT_ADD(msg, addr);
+ * it is not used for anything. */
+ add_anyaddr_ext(msg, dst->get_family(dst), SADB_EXT_ADDRESS_SRC);
+ add_addr_ext(msg, dst, SADB_EXT_ADDRESS_DST, 0, 0);
if (pfkey_send(this, msg, &out, &len) != SUCCESS)
{
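Review bot: Sending an all-zero SRC address instead of a copy of `dst` is a wire-level behaviour change that the shortened comment no longer explains, and it depends on every targeted kernel ignoring SRC when it looks up the SA. That assumption cannot be checked from this hunk; a PF_KEY implementation that matches on both addresses would presumably no longer find the entry, so it is worth confirming on each supported platform. The comment could state what is now sent, e.g. `* it is not used for anything, so we send an empty address of dst's family */`. The same applies to the later hunk that makes the identical `add_anyaddr_ext(msg, dst->get_family(dst), SADB_EXT_ADDRESS_SRC)` call; both enclosing functions start and end outside their hunks.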
unsigned char request[PFKEY_BUFFER_SIZE];
struct sadb_msg *msg, *out;
struct sadb_sa *sa;
- struct sadb_address *addr;
size_t len;
memset(&request, 0, sizeof(request));
PFKEY_EXT_ADD(msg, sa);
/* the kernel wants a SADB_EXT_ADDRESS_SRC to be present even though
- * it is not used for anything, so we just send dst twice */
- addr = (struct sadb_address*)PFKEY_EXT_ADD_NEXT(msg);
- addr->sadb_address_exttype = SADB_EXT_ADDRESS_SRC;
- host2ext(dst, addr);
- PFKEY_EXT_ADD(msg, addr);
-
- addr = (struct sadb_address*)PFKEY_EXT_ADD_NEXT(msg);
- addr->sadb_address_exttype = SADB_EXT_ADDRESS_DST;
- host2ext(dst, addr);
- PFKEY_EXT_ADD(msg, addr);
+ * it is not used for anything. */
+ add_anyaddr_ext(msg, dst->get_family(dst), SADB_EXT_ADDRESS_SRC);
+ add_addr_ext(msg, dst, SADB_EXT_ADDRESS_DST, 0, 0);
if (pfkey_send(this, msg, &out, &len) != SUCCESS)
{
unsigned char request[PFKEY_BUFFER_SIZE];
struct sadb_msg *msg, *out;
struct sadb_x_policy *pol;
- struct sadb_address *addr;
struct sadb_x_ipsecrequest *req;
policy_entry_t *policy, *found = NULL;
pfkey_msg_t response;
pol->sadb_x_policy_len += PFKEY_LEN(req->sadb_x_ipsecrequest_len);
PFKEY_EXT_ADD(msg, pol);
- addr = (struct sadb_address*)PFKEY_EXT_ADD_NEXT(msg);
- addr->sadb_address_exttype = SADB_EXT_ADDRESS_SRC;
- addr->sadb_address_proto = policy->src.proto;
- addr->sadb_address_prefixlen = policy->src.mask;
- host2ext(policy->src.net, addr);
- PFKEY_EXT_ADD(msg, addr);
-
- addr = (struct sadb_address*)PFKEY_EXT_ADD_NEXT(msg);
- addr->sadb_address_exttype = SADB_EXT_ADDRESS_DST;
- addr->sadb_address_proto = policy->dst.proto;
- addr->sadb_address_prefixlen = policy->dst.mask;
- host2ext(policy->dst.net, addr);
- PFKEY_EXT_ADD(msg, addr);
+ add_addr_ext(msg, policy->src.net, SADB_EXT_ADDRESS_SRC, policy->src.proto,
+ policy->src.mask);
+ add_addr_ext(msg, policy->dst.net, SADB_EXT_ADDRESS_DST, policy->dst.proto,
+ policy->dst.mask);
this->mutex->unlock(this->mutex);
unsigned char request[PFKEY_BUFFER_SIZE];
struct sadb_msg *msg, *out;
struct sadb_x_policy *pol;
- struct sadb_address *addr;
policy_entry_t *policy, *found = NULL;
pfkey_msg_t response;
size_t len;
pol->sadb_x_policy_type = IPSEC_POLICY_IPSEC;
PFKEY_EXT_ADD(msg, pol);
- addr = (struct sadb_address*)PFKEY_EXT_ADD_NEXT(msg);
- addr->sadb_address_exttype = SADB_EXT_ADDRESS_SRC;
- addr->sadb_address_proto = policy->src.proto;
- addr->sadb_address_prefixlen = policy->src.mask;
- host2ext(policy->src.net, addr);
- PFKEY_EXT_ADD(msg, addr);
-
- addr = (struct sadb_address*)PFKEY_EXT_ADD_NEXT(msg);
- addr->sadb_address_exttype = SADB_EXT_ADDRESS_DST;
- addr->sadb_address_proto = policy->dst.proto;
- addr->sadb_address_prefixlen = policy->dst.mask;
- host2ext(policy->dst.net, addr);
- PFKEY_EXT_ADD(msg, addr);
+ add_addr_ext(msg, policy->src.net, SADB_EXT_ADDRESS_SRC, policy->src.proto,
+ policy->src.mask);
+ add_addr_ext(msg, policy->dst.net, SADB_EXT_ADDRESS_DST, policy->dst.proto,
+ policy->dst.mask);
this->mutex->unlock(this->mutex);
unsigned char request[PFKEY_BUFFER_SIZE];
struct sadb_msg *msg, *out;
struct sadb_x_policy *pol;
- struct sadb_address *addr;
policy_entry_t *policy, *found = NULL;
route_entry_t *route;
size_t len;
pol->sadb_x_policy_type = IPSEC_POLICY_IPSEC;
PFKEY_EXT_ADD(msg, pol);
- addr = (struct sadb_address*)PFKEY_EXT_ADD_NEXT(msg);
- addr->sadb_address_exttype = SADB_EXT_ADDRESS_SRC;
- addr->sadb_address_proto = policy->src.proto;
- addr->sadb_address_prefixlen = policy->src.mask;
- host2ext(policy->src.net, addr);
- PFKEY_EXT_ADD(msg, addr);
-
- addr = (struct sadb_address*)PFKEY_EXT_ADD_NEXT(msg);
- addr->sadb_address_exttype = SADB_EXT_ADDRESS_DST;
- addr->sadb_address_proto = policy->dst.proto;
- addr->sadb_address_prefixlen = policy->dst.mask;
- host2ext(policy->dst.net, addr);
- PFKEY_EXT_ADD(msg, addr);
+ add_addr_ext(msg, policy->src.net, SADB_EXT_ADDRESS_SRC, policy->src.proto,
+ policy->src.mask);
+ add_addr_ext(msg, policy->dst.net, SADB_EXT_ADDRESS_DST, policy->dst.proto,
+ policy->dst.mask);
route = policy->route;
policy->route = NULL;