From: Sabrina Dubroca <sd@queasysnail.net>
Date: Fri, 31 Mar 2023 13:18:25 +0000 (+0200)
Subject: ip-xfrm: accept "allow" as action in ip xfrm policy setdefault
X-Git-Tag: v6.3.0~17
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=009739adb92cfaab54e9e3f31ecdd7dcf4082e0c;p=thirdparty%2Fiproute2.git

ip-xfrm: accept "allow" as action in ip xfrm policy setdefault

The help text claims that setdefault takes ACTION values, ie block |
allow. In reality, xfrm_str_to_policy takes block | accept.

We could also fix that by changing the help text/manpage, but then
it'd be frustrating to have multiple ACTION with similar values used
in different subcommands.

I'm not changing the output in xfrm_policy_to_str because some
userspace somewhere probably depends on the "accept" value.

Fixes: 76b30805f9f6 ("xfrm: enable to manage default policies")
Signed-off-by: Sabrina Dubroca <sd@queasysnail.net>
Acked-by: Nicolas Dichtel <nicolas.dichtel@6wind.com>
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
---

diff --git a/ip/xfrm_policy.c b/ip/xfrm_policy.c
index be2235ca9..8687ced35 100644
--- a/ip/xfrm_policy.c
+++ b/ip/xfrm_policy.c
@@ -1141,7 +1141,8 @@ static int xfrm_str_to_policy(char *name, uint8_t *policy)
 	if (strcmp(name, "block") == 0) {
 		*policy = XFRM_USERPOLICY_BLOCK;
 		return 0;
-	} else if (strcmp(name, "accept") == 0) {
+	} else if (strcmp(name, "accept") == 0 ||
+		   strcmp(name, "allow") == 0) {
 		*policy = XFRM_USERPOLICY_ACCEPT;
 		return 0;
 	}