cleanup debugging printfs and fix port endianness printing issue.
parent
14f6ebbe2b
commit
bdca82a2cd
|
@ -1,4 +1,4 @@
|
|||
/* $NetBSD: key.c,v 1.90 2014/06/05 17:18:19 christos Exp $ */
|
||||
/* $NetBSD: key.c,v 1.91 2014/06/16 03:34:45 christos Exp $ */
|
||||
/* $FreeBSD: src/sys/netipsec/key.c,v 1.3.2.3 2004/02/14 22:23:23 bms Exp $ */
|
||||
/* $KAME: key.c,v 1.191 2001/06/27 10:46:49 sakane Exp $ */
|
||||
|
||||
|
@ -32,7 +32,7 @@
|
|||
*/
|
||||
|
||||
#include <sys/cdefs.h>
|
||||
__KERNEL_RCSID(0, "$NetBSD: key.c,v 1.90 2014/06/05 17:18:19 christos Exp $");
|
||||
__KERNEL_RCSID(0, "$NetBSD: key.c,v 1.91 2014/06/16 03:34:45 christos Exp $");
|
||||
|
||||
/*
|
||||
* This code is referd to RFC 2367
|
||||
|
@ -5082,11 +5082,93 @@ static int
|
|||
key_handle_natt_info(struct secasvar *sav,
|
||||
const struct sadb_msghdr *mhp)
|
||||
{
|
||||
const char *msg = "?" ;
|
||||
struct sadb_x_nat_t_type *type;
|
||||
struct sadb_x_nat_t_port *sport, *dport;
|
||||
struct sadb_address *iaddr, *raddr;
|
||||
struct sadb_x_nat_t_frag *frag;
|
||||
|
||||
if (mhp->ext[SADB_X_EXT_NAT_T_TYPE] == NULL ||
|
||||
mhp->ext[SADB_X_EXT_NAT_T_SPORT] == NULL ||
|
||||
mhp->ext[SADB_X_EXT_NAT_T_DPORT] == NULL)
|
||||
return 0;
|
||||
|
||||
if (mhp->extlen[SADB_X_EXT_NAT_T_TYPE] < sizeof(*type)) {
|
||||
msg = "TYPE";
|
||||
goto bad;
|
||||
}
|
||||
|
||||
if (mhp->extlen[SADB_X_EXT_NAT_T_SPORT] < sizeof(*sport)) {
|
||||
msg = "SPORT";
|
||||
goto bad;
|
||||
}
|
||||
|
||||
if (mhp->extlen[SADB_X_EXT_NAT_T_DPORT] < sizeof(*dport)) {
|
||||
msg = "DPORT";
|
||||
goto bad;
|
||||
}
|
||||
|
||||
if (mhp->ext[SADB_X_EXT_NAT_T_OAI] != NULL) {
|
||||
ipseclog((LOG_DEBUG,"%s: NAT-T OAi present\n", __func__));
|
||||
if (mhp->extlen[SADB_X_EXT_NAT_T_OAI] < sizeof(*iaddr)) {
|
||||
msg = "OAI";
|
||||
goto bad;
|
||||
}
|
||||
}
|
||||
|
||||
if (mhp->ext[SADB_X_EXT_NAT_T_OAR] != NULL) {
|
||||
ipseclog((LOG_DEBUG,"%s: NAT-T OAr present\n", __func__));
|
||||
if (mhp->extlen[SADB_X_EXT_NAT_T_OAR] < sizeof(*raddr)) {
|
||||
msg = "OAR";
|
||||
goto bad;
|
||||
}
|
||||
}
|
||||
|
||||
if (mhp->ext[SADB_X_EXT_NAT_T_FRAG] != NULL) {
|
||||
if (mhp->extlen[SADB_X_EXT_NAT_T_FRAG] < sizeof(*frag)) {
|
||||
msg = "FRAG";
|
||||
goto bad;
|
||||
}
|
||||
}
|
||||
|
||||
type = (struct sadb_x_nat_t_type *)mhp->ext[SADB_X_EXT_NAT_T_TYPE];
|
||||
sport = (struct sadb_x_nat_t_port *)mhp->ext[SADB_X_EXT_NAT_T_SPORT];
|
||||
dport = (struct sadb_x_nat_t_port *)mhp->ext[SADB_X_EXT_NAT_T_DPORT];
|
||||
iaddr = (struct sadb_address *)mhp->ext[SADB_X_EXT_NAT_T_OAI];
|
||||
raddr = (struct sadb_address *)mhp->ext[SADB_X_EXT_NAT_T_OAR];
|
||||
frag = (struct sadb_x_nat_t_frag *)mhp->ext[SADB_X_EXT_NAT_T_FRAG];
|
||||
|
||||
ipseclog((LOG_DEBUG, "%s: type %d, sport = %d, dport = %d\n",
|
||||
__func__, type->sadb_x_nat_t_type_type,
|
||||
ntohs(sport->sadb_x_nat_t_port_port),
|
||||
ntohs(dport->sadb_x_nat_t_port_port)));
|
||||
|
||||
sav->natt_type = type->sadb_x_nat_t_type_type;
|
||||
key_porttosaddr(&sav->sah->saidx.src,
|
||||
sport->sadb_x_nat_t_port_port);
|
||||
key_porttosaddr(&sav->sah->saidx.dst,
|
||||
dport->sadb_x_nat_t_port_port);
|
||||
if (frag)
|
||||
sav->esp_frag = frag->sadb_x_nat_t_frag_fraglen;
|
||||
else
|
||||
sav->esp_frag = IP_MAXPACKET;
|
||||
|
||||
return 0;
|
||||
bad:
|
||||
ipseclog((LOG_DEBUG, "%s: invalid message %s\n", __func__, msg));
|
||||
__USE(msg);
|
||||
return -1;
|
||||
}
|
||||
|
||||
/* Just update the IPSEC_NAT_T ports if present */
|
||||
static int
|
||||
key_set_natt_ports(union sockaddr_union *src, union sockaddr_union *dst,
|
||||
const struct sadb_msghdr *mhp)
|
||||
{
|
||||
if (mhp->ext[SADB_X_EXT_NAT_T_OAI] != NULL)
|
||||
ipseclog((LOG_DEBUG,"update: NAT-T OAi present\n"));
|
||||
ipseclog((LOG_DEBUG,"%s: NAT-T OAi present\n", __func__));
|
||||
if (mhp->ext[SADB_X_EXT_NAT_T_OAR] != NULL)
|
||||
ipseclog((LOG_DEBUG,"update: NAT-T OAr present\n"));
|
||||
ipseclog((LOG_DEBUG,"%s: NAT-T OAr present\n", __func__));
|
||||
|
||||
if ((mhp->ext[SADB_X_EXT_NAT_T_TYPE] != NULL) &&
|
||||
(mhp->ext[SADB_X_EXT_NAT_T_SPORT] != NULL) &&
|
||||
|
@ -5094,32 +5176,12 @@ key_handle_natt_info(struct secasvar *sav,
|
|||
struct sadb_x_nat_t_type *type;
|
||||
struct sadb_x_nat_t_port *sport;
|
||||
struct sadb_x_nat_t_port *dport;
|
||||
struct sadb_address *iaddr, *raddr;
|
||||
struct sadb_x_nat_t_frag *frag;
|
||||
|
||||
if ((mhp->extlen[SADB_X_EXT_NAT_T_TYPE] < sizeof(*type)) ||
|
||||
(mhp->extlen[SADB_X_EXT_NAT_T_SPORT] < sizeof(*sport)) ||
|
||||
(mhp->extlen[SADB_X_EXT_NAT_T_DPORT] < sizeof(*dport))) {
|
||||
ipseclog((LOG_DEBUG, "key_update: "
|
||||
"invalid message.\n"));
|
||||
return -1;
|
||||
}
|
||||
|
||||
if ((mhp->ext[SADB_X_EXT_NAT_T_OAI] != NULL) &&
|
||||
(mhp->extlen[SADB_X_EXT_NAT_T_OAI] < sizeof(*iaddr))) {
|
||||
ipseclog((LOG_DEBUG, "key_update: invalid message\n"));
|
||||
return -1;
|
||||
}
|
||||
|
||||
if ((mhp->ext[SADB_X_EXT_NAT_T_OAR] != NULL) &&
|
||||
(mhp->extlen[SADB_X_EXT_NAT_T_OAR] < sizeof(*raddr))) {
|
||||
ipseclog((LOG_DEBUG, "key_update: invalid message\n"));
|
||||
return -1;
|
||||
}
|
||||
|
||||
if ((mhp->ext[SADB_X_EXT_NAT_T_FRAG] != NULL) &&
|
||||
(mhp->extlen[SADB_X_EXT_NAT_T_FRAG] < sizeof(*frag))) {
|
||||
ipseclog((LOG_DEBUG, "key_update: invalid message\n"));
|
||||
ipseclog((LOG_DEBUG, "%s: invalid message\n",
|
||||
__func__));
|
||||
return -1;
|
||||
}
|
||||
|
||||
|
@ -5129,73 +5191,14 @@ key_handle_natt_info(struct secasvar *sav,
|
|||
mhp->ext[SADB_X_EXT_NAT_T_SPORT];
|
||||
dport = (struct sadb_x_nat_t_port *)
|
||||
mhp->ext[SADB_X_EXT_NAT_T_DPORT];
|
||||
iaddr = (struct sadb_address *)
|
||||
mhp->ext[SADB_X_EXT_NAT_T_OAI];
|
||||
raddr = (struct sadb_address *)
|
||||
mhp->ext[SADB_X_EXT_NAT_T_OAR];
|
||||
frag = (struct sadb_x_nat_t_frag *)
|
||||
mhp->ext[SADB_X_EXT_NAT_T_FRAG];
|
||||
|
||||
ipseclog((LOG_DEBUG,
|
||||
"key_update: type %d, sport = %d, dport = %d\n",
|
||||
type->sadb_x_nat_t_type_type,
|
||||
sport->sadb_x_nat_t_port_port,
|
||||
dport->sadb_x_nat_t_port_port));
|
||||
key_porttosaddr(src, sport->sadb_x_nat_t_port_port);
|
||||
key_porttosaddr(dst, dport->sadb_x_nat_t_port_port);
|
||||
|
||||
if (type)
|
||||
sav->natt_type = type->sadb_x_nat_t_type_type;
|
||||
if (sport)
|
||||
key_porttosaddr(&sav->sah->saidx.src,
|
||||
sport->sadb_x_nat_t_port_port);
|
||||
if (dport)
|
||||
key_porttosaddr(&sav->sah->saidx.dst,
|
||||
dport->sadb_x_nat_t_port_port);
|
||||
if (frag)
|
||||
sav->esp_frag = frag->sadb_x_nat_t_frag_fraglen;
|
||||
else
|
||||
sav->esp_frag = IP_MAXPACKET;
|
||||
}
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
/* Just update the IPSEC_NAT_T ports if present */
|
||||
static int
|
||||
key_set_natt_ports(union sockaddr_union *src, union sockaddr_union *dst,
|
||||
const struct sadb_msghdr *mhp)
|
||||
{
|
||||
|
||||
if (mhp->ext[SADB_X_EXT_NAT_T_OAI] != NULL)
|
||||
ipseclog((LOG_DEBUG,"update: NAT-T OAi present\n"));
|
||||
if (mhp->ext[SADB_X_EXT_NAT_T_OAR] != NULL)
|
||||
ipseclog((LOG_DEBUG,"update: NAT-T OAr present\n"));
|
||||
|
||||
if ((mhp->ext[SADB_X_EXT_NAT_T_TYPE] != NULL) &&
|
||||
(mhp->ext[SADB_X_EXT_NAT_T_SPORT] != NULL) &&
|
||||
(mhp->ext[SADB_X_EXT_NAT_T_DPORT] != NULL)) {
|
||||
struct sadb_x_nat_t_type *type;
|
||||
struct sadb_x_nat_t_port *sport;
|
||||
struct sadb_x_nat_t_port *dport;
|
||||
|
||||
if ((mhp->extlen[SADB_X_EXT_NAT_T_TYPE] < sizeof(*type)) ||
|
||||
(mhp->extlen[SADB_X_EXT_NAT_T_SPORT] < sizeof(*sport)) ||
|
||||
(mhp->extlen[SADB_X_EXT_NAT_T_DPORT] < sizeof(*dport))) {
|
||||
ipseclog((LOG_DEBUG, "key_update: "
|
||||
"invalid message.\n"));
|
||||
return -1;
|
||||
}
|
||||
|
||||
sport = (struct sadb_x_nat_t_port *)
|
||||
mhp->ext[SADB_X_EXT_NAT_T_SPORT];
|
||||
dport = (struct sadb_x_nat_t_port *)
|
||||
mhp->ext[SADB_X_EXT_NAT_T_DPORT];
|
||||
|
||||
if (sport)
|
||||
key_porttosaddr(src,
|
||||
sport->sadb_x_nat_t_port_port);
|
||||
if (dport)
|
||||
key_porttosaddr(dst,
|
||||
dport->sadb_x_nat_t_port_port);
|
||||
ipseclog((LOG_DEBUG, "%s: type %d, sport = %d, dport = %d\n",
|
||||
__func__, type->sadb_x_nat_t_type_type,
|
||||
ntohs(sport->sadb_x_nat_t_port_port),
|
||||
ntohs(dport->sadb_x_nat_t_port_port)));
|
||||
}
|
||||
|
||||
return 0;
|
||||
|
|
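Review bot: In the rewritten key_handle_natt_info, `sav->esp_frag = frag->sadb_x_nat_t_frag_fraglen;` stores the length from the PF_KEY message as-is; the only check on the FRAG extension is `extlen < sizeof(*frag)`, so a zero or very small fragment length is accepted. How esp_frag is consumed is not visible on this page, so if the output path does not already reject such values, a lower-bound test belongs next to the existing FRAG length check, setting `msg = "FRAG"` and taking the same `goto bad`. The combined TYPE/SPORT/DPORT length check that ends up in key_set_natt_ports still logs a bare `%s: invalid message`, while key_handle_natt_info now names the offending extension; naming it there too would keep the two diagnostics consistent. `iaddr` and `raddr` in key_handle_natt_info are assigned but only ever used inside `sizeof`, so those two assignments can be dropped.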