Aren
/
NetBSD
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
NetBSD/sys/net
History
spz 445e6acd20 fix two bugs in the PFKEY interface: 
1) RFC2367 says in 2.3.3 Address Extension: "All non-address
   information in the sockaddrs, such as sin_zero for AF_INET sockaddrs,
   and sin6_flowinfo for AF_INET6 sockaddrs, MUST be zeroed out."
   the IPSEC_NAT_T code was expecting the port information it needs
   to be conveyed in the sockaddr instead of exclusively by
   SADB_X_EXT_NAT_T_SPORT and SADB_X_EXT_NAT_T_DPORT,
   and was not zeroing out the port information in the non-nat-traversal
   case.
   Since it was expecting the port information to reside in the sockaddr
   it could get away with (re)setting the ports after starting to use them.
   -> Set the natt ports before setting the SA mature.

2) RFC3947 has two Original Address fields, initiator and responder,
   so we need SADB_X_EXT_NAT_T_OAI and SADB_X_EXT_NAT_T_OAR and not just
   SADB_X_EXT_NAT_T_OA

The change has been created using vanhu's patch for FreeBSD as reference.

Note that establishing actual nat-t sessions has not yet been tested.

Likely fixes the following:
PR bin/41757
PR net/42592
PR net/42606
 		2010-09-05 06:52:53 +00:00
..
agr Keep condvar wmesg within 8 char limit 2010-08-11 11:47:29 +00:00
npf Import NPF - a packet filter. Some features: 2010-08-22 18:56:18 +00:00
Makefile Import NPF - a packet filter. Some features: 2010-08-22 18:56:18 +00:00
bpf.c Add a little comment on how bpf can be made unloadable, per pointer from ad. 2010-04-14 13:31:33 +00:00
bpf.h Push the bpf_ops usage back into bpf.h. Push the common ifp->if_bpf 2010-04-05 07:19:28 +00:00
bpf_filter.c the correct check for BPF_K is with BPF_SRC for BPF_ALU ops, from 2010-04-21 16:35:09 +00:00
bpf_stub.c Push the bpf_ops usage back into bpf.h. Push the common ifp->if_bpf 2010-04-05 07:19:28 +00:00
bpfdesc.h add BIOC{G,S}FEEDBACK which allows one to receive injected outgoing packets 2010-03-13 20:38:48 +00:00
bridgestp.c
bsd-comp.c
dlt.h
ethertypes.h
files.pf Import pfsync support from OpenBSD 4.2 2009-09-14 10:36:48 +00:00
if.c Correct the argument order of ifreqn2o conversion. 2010-06-12 08:12:03 +00:00
if.h Forward declare struct bpf_if and use that as the type for bpf_if 2010-01-17 19:45:06 +00:00
if_arc.h
if_arcsubr.c Push the bpf_ops usage back into bpf.h. Push the common ifp->if_bpf 2010-04-05 07:19:28 +00:00
if_arp.h
if_atm.h
if_atmsubr.c Push the bpf_ops usage back into bpf.h. Push the common ifp->if_bpf 2010-04-05 07:19:28 +00:00
if_bridge.c Redefine bpf linkage through an always present op vector, i.e. 2010-01-19 22:06:18 +00:00
if_bridgevar.h
if_dl.h
if_eco.h
if_ecosubr.c Push the bpf_ops usage back into bpf.h. Push the common ifp->if_bpf 2010-04-05 07:19:28 +00:00
if_ether.h Replace ether_nonstatic_aton with a 2010-05-19 20:41:59 +00:00
if_etherip.c Replace ether_nonstatic_aton with a 2010-05-19 20:41:59 +00:00
if_etherip.h
if_ethersubr.c Don't assume that rt_tag family is AF_MPLS but verify it. 2010-06-27 13:39:11 +00:00
if_faith.c Push the bpf_ops usage back into bpf.h. Push the common ifp->if_bpf 2010-04-05 07:19:28 +00:00
if_faith.h
if_fddi.h
if_fddisubr.c Push the bpf_ops usage back into bpf.h. Push the common ifp->if_bpf 2010-04-05 07:19:28 +00:00
if_gif.c Push the bpf_ops usage back into bpf.h. Push the common ifp->if_bpf 2010-04-05 07:19:28 +00:00
if_gif.h
if_gre.c Add MPLS support, proposed on tech-net@ a couple of days ago 2010-06-26 14:24:27 +00:00
if_gre.h Add __cacheline_aligned and __read_mostly annotations. 2010-06-01 22:13:30 +00:00
if_hippi.h
if_hippisubr.c Push the bpf_ops usage back into bpf.h. Push the common ifp->if_bpf 2010-04-05 07:19:28 +00:00
if_ieee1394.h
if_ieee1394subr.c Push the bpf_ops usage back into bpf.h. Push the common ifp->if_bpf 2010-04-05 07:19:28 +00:00
if_llc.h
if_loop.c Push the bpf_ops usage back into bpf.h. Push the common ifp->if_bpf 2010-04-05 07:19:28 +00:00
if_media.c Replace u_quad_t with uint64_t. u_quad_t is just a typedef for 2009-10-05 21:25:05 +00:00
if_media.h Replace u_quad_t with uint64_t. u_quad_t is just a typedef for 2009-10-05 21:25:05 +00:00
if_mpls.c Don't assume that rt_tag family is AF_MPLS but verify it. 2010-06-27 13:39:11 +00:00
if_mpls.h Add MPLS support, proposed on tech-net@ a couple of days ago 2010-06-26 14:24:27 +00:00
if_ppp.c Update the rest of the kernel to conform to the module subsystem's new 2010-08-21 13:19:39 +00:00
if_ppp.h
if_pppoe.c Push the bpf_ops usage back into bpf.h. Push the common ifp->if_bpf 2010-04-05 07:19:28 +00:00
if_pppoe.h
if_pppvar.h
if_sl.c Push the bpf_ops usage back into bpf.h. Push the common ifp->if_bpf 2010-04-05 07:19:28 +00:00
if_slvar.h
if_sppp.h COMPAT_50 support for SPPP[GS]ETIDLETO and SPPP[GS]ETKEEPALIVE, ok martin@ 2010-04-20 14:32:03 +00:00
if_spppsubr.c COMPAT_50 support for SPPP[GS]ETIDLETO and SPPP[GS]ETKEEPALIVE, ok martin@ 2010-04-20 14:32:03 +00:00
if_spppvar.h Replace u_quad_t with uint64_t. u_quad_t is just a typedef for 2009-10-05 21:25:05 +00:00
if_srt.c Push the bpf_ops usage back into bpf.h. Push the common ifp->if_bpf 2010-04-05 07:19:28 +00:00
if_srt.h KNF. 2009-12-09 00:44:26 +00:00
if_stf.c Push the bpf_ops usage back into bpf.h. Push the common ifp->if_bpf 2010-04-05 07:19:28 +00:00
if_stf.h
if_strip.c Push the bpf_ops usage back into bpf.h. Push the common ifp->if_bpf 2010-04-05 07:19:28 +00:00
if_stripvar.h
if_tap.c Replace ether_nonstatic_aton with a 2010-05-19 20:41:59 +00:00
if_tap.h
if_token.h
if_tokensubr.c Push the bpf_ops usage back into bpf.h. Push the common ifp->if_bpf 2010-04-05 07:19:28 +00:00
if_tun.c Push the bpf_ops usage back into bpf.h. Push the common ifp->if_bpf 2010-04-05 07:19:28 +00:00
if_tun.h
if_types.h
if_vlan.c Push the bpf_ops usage back into bpf.h. Push the common ifp->if_bpf 2010-04-05 07:19:28 +00:00
if_vlanvar.h
link_proto.c
net_osdep.h Provide privilege checking code snippets for all significant NetBSD 2009-05-06 22:17:41 +00:00
net_stats.c
net_stats.h
netisr.h Style fix: Tab consistency with the lines around it 2010-06-27 06:48:40 +00:00
netisr_dispatch.h Add MPLS support, proposed on tech-net@ a couple of days ago 2010-06-26 14:24:27 +00:00
pfil.c
pfil.h
pfkeyv2.h fix two bugs in the PFKEY interface: 2010-09-05 06:52:53 +00:00
ppp-comp.h
ppp-deflate.c
ppp_defs.h
ppp_tty.c Push the bpf_ops usage back into bpf.h. Push the common ifp->if_bpf 2010-04-05 07:19:28 +00:00
radix.c Make it possible to register delayed radix tree head inits which 2009-05-27 17:46:49 +00:00
radix.h Make it possible to register delayed radix tree head inits which 2009-05-27 17:46:49 +00:00
raw_cb.c
raw_cb.h
raw_usrreq.c
route.c Add MPLS support, proposed on tech-net@ a couple of days ago 2010-06-26 14:24:27 +00:00
route.h Add MPLS support, proposed on tech-net@ a couple of days ago 2010-06-26 14:24:27 +00:00
rtsock.c we need to set rt_ifp even if ifa is the same. Fixes the case when one 2010-06-28 17:26:11 +00:00
slcompress.c Use memcmp(9) and memcpy(9) directly rather than via 2009-04-18 15:20:06 +00:00
slcompress.h
slip.h
zlib.c
zlib.h