Source-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[src/trunk]: src sync with latest libipsec/kernel.
details: https://anonhg.NetBSD.org/src/rev/1713a1b3afa3
branches: trunk
changeset: 481448:1713a1b3afa3
user: itojun <itojun%NetBSD.org@localhost>
date: Mon Jan 31 14:25:42 2000 +0000
description:
sync with latest libipsec/kernel.
diffstat:
usr.bin/telnet/commands.c | 80 +++++++++++++++++++++----------------
usr.bin/telnet/externs.h | 5 +-
usr.bin/telnet/main.c | 19 ++++++--
usr.sbin/traceroute/traceroute.c | 58 ++++++++++++++++++---------
usr.sbin/traceroute6/traceroute6.c | 53 +++++++++++++++++-------
5 files changed, 136 insertions(+), 79 deletions(-)
diffs (truncated from 395 to 300 lines):
diff -r f3a4bfbec68e -r 1713a1b3afa3 usr.bin/telnet/commands.c
--- a/usr.bin/telnet/commands.c Mon Jan 31 14:24:23 2000 +0000
+++ b/usr.bin/telnet/commands.c Mon Jan 31 14:25:42 2000 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: commands.c,v 1.36 2000/01/27 19:20:49 itojun Exp $ */
+/* $NetBSD: commands.c,v 1.37 2000/01/31 14:25:42 itojun Exp $ */
/*
* Copyright (C) 1997 and 1998 WIDE Project.
@@ -67,7 +67,7 @@
#if 0
static char sccsid[] = "@(#)commands.c 8.4 (Berkeley) 5/30/95";
#else
-__RCSID("$NetBSD: commands.c,v 1.36 2000/01/27 19:20:49 itojun Exp $");
+__RCSID("$NetBSD: commands.c,v 1.37 2000/01/31 14:25:42 itojun Exp $");
#endif
#endif /* not lint */
@@ -2180,6 +2180,39 @@
return (char *)inet_ntop(sa->sa_family, addr, addrbuf, sizeof(addrbuf));
}
+#if defined(IPSEC) && defined(IPSEC_POLICY_IPSEC)
+static int setpolicy __P((int, struct addrinfo *, char *));
+
+static int
+setpolicy(net, res, policy)
+ int net;
+ struct addrinfo *res;
+ char *policy;
+{
+ char *buf;
+ int level;
+ int optname;
+
+ if (policy == NULL)
+ return 0;
+
+ buf = ipsec_set_policy(policy, strlen(policy));
+ if (buf == NULL) {
+ printf("%s\n", ipsec_strerror());
+ return -1;
+ }
+ level = res->ai_family == AF_INET ? IPPROTO_IP : IPPROTO_IPV6;
+ optname = res->ai_family == AF_INET ? IP_IPSEC_POLICY : IPV6_IPSEC_POLICY;
+ if (setsockopt(net, level, optname, buf, ipsec_get_policylen(buf)) < 0){
+ perror("setsockopt");
+ return -1;
+ }
+
+ free(buf);
+ return 0;
+}
+#endif
+
int
tn(argc, argv)
int argc;
@@ -2329,40 +2362,17 @@
if (srp && setsockopt(net, proto, opt, srp, srlen) < 0)
perror("setsockopt (source route)");
}
+
#if defined(IPSEC) && defined(IPSEC_POLICY_IPSEC)
- if (ipsec_policy) {
- int len;
- char *buf;
- int level;
- int optname;
-
- if ((len = ipsec_get_policylen(ipsec_policy)) < 0) {
- printf("%s\n", ipsec_strerror());
- freeaddrinfo(res0);
- return 0;
- }
- if ((buf = (char *)malloc(len)) == NULL) {
- perror("malloc");
- freeaddrinfo(res0);
- return 0;
- }
- if ((len = ipsec_set_policy(buf, len, ipsec_policy)) < 0) {
- printf("%s\n", ipsec_strerror());
- (void) NetClose(net);
- net = -1;
- free(buf);
- continue;
- }
- level = res->ai_family == AF_INET ? IPPROTO_IP : IPPROTO_IPV6;
- optname = res->ai_family == AF_INET ? IP_IPSEC_POLICY : IPV6_IPSEC_POLICY;
- if (setsockopt(net, level, optname, buf, len) < 0){
- perror("setsockopt");
- (void) NetClose(net);
- net = -1;
- free(buf);
- continue;
- }
- free(buf);
+ if (setpolicy(net, res, ipsec_policy_in) < 0) {
+ (void) NetClose(net);
+ net = -1;
+ continue;
+ }
+ if (setpolicy(net, res, ipsec_policy_out) < 0) {
+ (void) NetClose(net);
+ net = -1;
+ continue;
}
#endif
diff -r f3a4bfbec68e -r 1713a1b3afa3 usr.bin/telnet/externs.h
--- a/usr.bin/telnet/externs.h Mon Jan 31 14:24:23 2000 +0000
+++ b/usr.bin/telnet/externs.h Mon Jan 31 14:25:42 2000 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: externs.h,v 1.16 2000/01/21 17:08:36 mycroft Exp $ */
+/* $NetBSD: externs.h,v 1.17 2000/01/31 14:25:43 itojun Exp $ */
/*
* Copyright (c) 1988, 1990, 1993
@@ -95,7 +95,8 @@
#if defined(IPSEC)
#include <netinet6/ipsec.h>
#if defined(IPSEC_POLICY_IPSEC)
-extern char *ipsec_policy;
+extern char *ipsec_policy_in;
+extern char *ipsec_policy_out;
#endif
#endif
diff -r f3a4bfbec68e -r 1713a1b3afa3 usr.bin/telnet/main.c
--- a/usr.bin/telnet/main.c Mon Jan 31 14:24:23 2000 +0000
+++ b/usr.bin/telnet/main.c Mon Jan 31 14:25:42 2000 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: main.c,v 1.11 1999/07/28 06:35:16 abs Exp $ */
+/* $NetBSD: main.c,v 1.12 2000/01/31 14:25:43 itojun Exp $ */
/*
* Copyright (c) 1988, 1990, 1993
@@ -43,7 +43,7 @@
#if 0
static char sccsid[] = "@(#)main.c 8.3 (Berkeley) 5/30/95";
#else
-__RCSID("$NetBSD: main.c,v 1.11 1999/07/28 06:35:16 abs Exp $");
+__RCSID("$NetBSD: main.c,v 1.12 2000/01/31 14:25:43 itojun Exp $");
#endif
#endif /* not lint */
@@ -65,7 +65,8 @@
#endif
#if defined(IPSEC) && defined(IPSEC_POLICY_IPSEC)
-char *ipsec_policy = NULL;
+char *ipsec_policy_in = NULL;
+char *ipsec_policy_out = NULL;
#endif
int main P((int, char *[]));
@@ -111,9 +112,10 @@
"[-r] ",
#endif
#if defined(IPSEC) && defined(IPSEC_POLICY_IPSEC)
- "[-P policy] "
+ "[-P policy] [host-name [port]]"
+#else
+ "[host-name [port]]"
#endif
- "[host-name [port]]"
);
exit(1);
}
@@ -297,7 +299,12 @@
break;
#if defined(IPSEC) && defined(IPSEC_POLICY_IPSEC)
case 'P':
- ipsec_policy = strdup(optarg);
+ if (!strncmp("in", optarg, 2))
+ ipsec_policy_in = strdup(optarg);
+ else if (!strncmp("out", optarg, 3))
+ ipsec_policy_out = strdup(optarg);
+ else
+ usage();
break;
#endif
case '?':
diff -r f3a4bfbec68e -r 1713a1b3afa3 usr.sbin/traceroute/traceroute.c
--- a/usr.sbin/traceroute/traceroute.c Mon Jan 31 14:24:23 2000 +0000
+++ b/usr.sbin/traceroute/traceroute.c Mon Jan 31 14:25:42 2000 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: traceroute.c,v 1.38 2000/01/25 16:24:32 sommerfeld Exp $ */
+/* $NetBSD: traceroute.c,v 1.39 2000/01/31 14:26:40 itojun Exp $ */
/*
* Copyright (c) 1988, 1989, 1991, 1994, 1995, 1996, 1997
@@ -29,7 +29,7 @@
#else
__COPYRIGHT("@(#) Copyright (c) 1988, 1989, 1991, 1994, 1995, 1996, 1997\n\
The Regents of the University of California. All rights reserved.\n");
-__RCSID("$NetBSD: traceroute.c,v 1.38 2000/01/25 16:24:32 sommerfeld Exp $");
+__RCSID("$NetBSD: traceroute.c,v 1.39 2000/01/31 14:26:40 itojun Exp $");
#endif
#endif
@@ -368,6 +368,11 @@
int wait_for_reply(int, struct sockaddr_in *, struct timeval *);
void frag_err(void);
int find_local_ip(struct sockaddr_in *, struct sockaddr_in *);
+#ifdef IPSEC
+#ifdef IPSEC_POLICY_IPSEC
+int setpolicy(int so, char *policy);
+#endif
+#endif
int
main(int argc, char **argv)
@@ -629,20 +634,14 @@
sizeof(on));
#ifdef IPSEC
#ifdef IPSEC_POLICY_IPSEC
- {
- int len;
- char buf[16];
-
/*
* do not raise error even if setsockopt fails, kernel may have ipsec
* turned off.
*/
- if ((len = ipsec_set_policy(buf, sizeof(buf), "bypass")) < 0) {
- Fprintf(stderr, "%s: %s\n", prog, ipsec_strerror());
+ if (setpolicy(s, "in bypass") < 0)
exit(1);
- }
- (void)setsockopt(s, IPPROTO_IP, IP_IPSEC_POLICY, buf, len);
- }
+ if (setpolicy(s, "out bypass") < 0)
+ exit(1);
#else
{
int level = IPSEC_LEVEL_AVAIL;
@@ -679,20 +678,14 @@
#ifdef IPSEC
#ifdef IPSEC_POLICY_IPSEC
- {
- int len;
- char buf[16];
-
/*
* do not raise error even if setsockopt fails, kernel may have ipsec
* turned off.
*/
- if ((len = ipsec_set_policy(buf, sizeof(buf), "bypass")) < 0) {
- Fprintf(stderr, "%s: %s\n", prog, ipsec_strerror());
+ if (setpolicy(sndsock, "in bypass") < 0)
exit(1);
- }
- (void)setsockopt(sndsock, IPPROTO_IP, IP_IPSEC_POLICY, buf, len);
- }
+ if (setpolicy(sndsock, "out bypass") < 0)
+ exit(1);
#else
{
int level = IPSEC_LEVEL_BYPASS;
@@ -1638,3 +1631,28 @@
setsin(from, help.sin_addr.s_addr);
return (1);
}
+
+#ifdef IPSEC
+#ifdef IPSEC_POLICY_IPSEC
+int
+setpolicy(so, policy)
+ int so;
+ char *policy;
+{
+ char *buf;
+
+ buf = ipsec_set_policy(policy, strlen(policy));
+ if (buf == NULL) {
+ Fprintf(stderr, "%s: %s\n", prog, ipsec_strerror());
+ return -1;
+ }
+ (void)setsockopt(so, IPPROTO_IP, IP_IPSEC_POLICY,
+ buf, ipsec_get_policylen(buf));
+
+ free(buf);
+
+ return 0;
+}
+#endif
+#endif
+
diff -r f3a4bfbec68e -r 1713a1b3afa3 usr.sbin/traceroute6/traceroute6.c
--- a/usr.sbin/traceroute6/traceroute6.c Mon Jan 31 14:24:23 2000 +0000
+++ b/usr.sbin/traceroute6/traceroute6.c Mon Jan 31 14:25:42 2000 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: traceroute6.c,v 1.5 1999/09/03 01:49:16 itojun Exp $ */
+/* $NetBSD: traceroute6.c,v 1.6 2000/01/31 14:26:44 itojun Exp $ */
/*
* Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
@@ -78,7 +78,7 @@
Home |
Main Index |
Thread Index |
Old Index