Home Explore Help
Sign In
PUBLIC_REPOS
/
buildroot
mirror of git://git.buildroot.net/buildroot
2
1
Fork 0
Files
Tree: 980df901b9
Branches Tags
buildroot
/
package
/
openswan
/
linux-2.6.20-openswan-2.4.7.kernel-2.6-natt.patch

linux-2.6.20-openswan-2.4.7.kernel-2.6-natt.patch 4.2 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158 
  1. packaging/utils/nattpatch 2.6
    2. 

  2. --- /dev/null   Tue Mar 11 13:02:56 2003
    3. 

  3. +++ nat-t/include/net/xfrmudp.h     Mon Feb  9 13:51:03 2004
    4. 

  4. @@ -0,0 +1,10 @@
    5. 

  5. +/*
    6. 

  6. + * pointer to function for type that xfrm4_input wants, to permit
    7. 

  7. + * decoupling of XFRM from udp.c
    8. 

  8. + */
    9. 

  9. +#define HAVE_XFRM4_UDP_REGISTER
    10. 

  10. +
    11. 

  11. +typedef int (*xfrm4_rcv_encap_t)(struct sk_buff *skb, __u16 encap_type);
    12. 

  12. +extern int udp4_register_esp_rcvencap(xfrm4_rcv_encap_t func
    13. 

  13. +				      , xfrm4_rcv_encap_t *oldfunc);
    14. 

  14. +extern int udp4_unregister_esp_rcvencap(xfrm4_rcv_encap_t func);
    15. 

  15. --- /distros/kernel/linux-2.6.11.2/net/ipv4/Kconfig	2005-03-09 03:12:33.000000000 -0500
    16. 

  16. +++ swan26/net/ipv4/Kconfig	2005-04-04 18:46:13.000000000 -0400
    17. 

  17. @@ -351,2 +351,8 @@
    18. 

  18.  
    19. 

  19. +config IPSEC_NAT_TRAVERSAL
    20. 

  20. +	bool "IPSEC NAT-Traversal (KLIPS compatible)"
    21. 

  21. +	depends on INET
    22. 

  22. +	---help---
    23. 

  23. +          Includes support for RFC3947/RFC3948 NAT-Traversal of ESP over UDP.
    24. 

  24. +
    25. 

  25.  config IP_TCPDIAG
    26. 

  26. --- plain26/net/ipv4/udp.c.orig	2006-01-02 22:21:10.000000000 -0500
    27. 

  27. +++ plain26/net/ipv4/udp.c	2006-01-10 20:07:21.000000000 -0500
    28. 

  28. @@ -108,11 +108,14 @@
    29. 

  29.  #include <net/checksum.h>
    30. 

  30.  #include <net/xfrm.h>
    31. 

  31. +#include <net/xfrmudp.h>
    32. 

  32.  #include "udp_impl.h"
    33. 

  33.  
    34. 

  34.  /*
    35. 

  35.   *	Snmp MIB for the UDP layer
    36. 

  36.   */
    37. 

  37.  
    38. 

  38. +static xfrm4_rcv_encap_t xfrm4_rcv_encap_func;
    39. 

  39. +
    40. 

  40.  DEFINE_SNMP_STAT(struct udp_mib, udp_statistics) __read_mostly;
    41. 

  41.  
    42. 

  42.  struct hlist_head udp_hash[UDP_HTABLE_SIZE];
    43. 

  43. @@ -894,6 +897,42 @@
    44. 

  44.  	sk_common_release(sk);
    45. 

  45.  }
    46. 

  46.  
    47. 

  47. +#if defined(CONFIG_XFRM) || defined(CONFIG_IPSEC_NAT_TRAVERSAL)
    48. 

  48. +
    49. 

  49. +/* if XFRM isn't a module, then register it directly. */
    50. 

  50. +#if 0 && !defined(CONFIG_XFRM_MODULE) && !defined(CONFIG_IPSEC_NAT_TRAVERSAL)
    51. 

  51. +static xfrm4_rcv_encap_t xfrm4_rcv_encap_func = xfrm4_rcv_encap;
    52. 

  52. +#else
    53. 

  53. +static xfrm4_rcv_encap_t xfrm4_rcv_encap_func = NULL;
    54. 

  54. +#endif
    55. 

  55. +
    56. 

  56. +int udp4_register_esp_rcvencap(xfrm4_rcv_encap_t func
    57. 

  57. +			       , xfrm4_rcv_encap_t *oldfunc)
    58. 

  58. +{
    59. 

  59. +  if(oldfunc != NULL) {
    60. 

  60. +    *oldfunc = xfrm4_rcv_encap_func;
    61. 

  61. +  }
    62. 

  62. +
    63. 

  63. +#if 0
    64. 

  64. +  if(xfrm4_rcv_encap_func != NULL)
    65. 

  65. +    return -1;
    66. 

  66. +#endif
    67. 

  67. +
    68. 

  68. +  xfrm4_rcv_encap_func = func;
    69. 

  69. +  return 0;
    70. 

  70. +}
    71. 

  71. +
    72. 

  72. +int udp4_unregister_esp_rcvencap(xfrm4_rcv_encap_t func)
    73. 

  73. +{
    74. 

  74. +  if(xfrm4_rcv_encap_func != func)
    75. 

  75. +    return -1;
    76. 

  76. +
    77. 

  77. +  xfrm4_rcv_encap_func = NULL;
    78. 

  78. +  return 0;
    79. 

  79. +}
    80. 

  80. +#endif /* CONFIG_XFRM_MODULE || CONFIG_IPSEC_NAT_TRAVERSAL */
    81. 

  81. +
    82. 

  82. +
    83. 

  83.  /* return:
    84. 

  84.   * 	1  if the the UDP system should process it
    85. 

  85.   *	0  if we should drop this packet
    86. 

  86. @@ -901,9 +940,9 @@
    87. 

  87.   */
    88. 

  88.  static int udp_encap_rcv(struct sock * sk, struct sk_buff *skb)
    89. 

  89.  {
    90. 

  90. -#ifndef CONFIG_XFRM
    91. 

  91. +#if !defined(CONFIG_XFRM) && !defined(CONFIG_IPSEC_NAT_TRAVERSAL)
    92. 

  92.  	return 1; 
    93. 

  93. -#else
    94. 

  94. +#else /* either CONFIG_XFRM or CONFIG_IPSEC_NAT_TRAVERSAL */
    95. 

  95.  	struct udp_sock *up = udp_sk(sk);
    96. 

  96.    	struct udphdr *uh = skb->h.uh;
    97. 

  97.  	struct iphdr *iph;
    98. 

  98. @@ -915,11 +954,11 @@
    99. 

  99.  	/* if we're overly short, let UDP handle it */
    100. 

  100.  	len = skb->len - sizeof(struct udphdr);
    101. 

  101.  	if (len <= 0)
    102. 

  102. -		return 1;
    103. 

  103. +		return 2;
    104. 

  104.  
    105. 

  105.  	/* if this is not encapsulated socket, then just return now */
    106. 

  106.  	if (!encap_type)
    107. 

  107. -		return 1;
    108. 

  108. +		return 3;
    109. 

  109.  
    110. 

  110.  	/* If this is a paged skb, make sure we pull up
    111. 

  111.  	 * whatever data we need to look at. */
    112. 

  112. @@ -934,7 +973,7 @@
    113. 

  113.  			len = sizeof(struct udphdr);
    114. 

  114.  		} else
    115. 

  115.  			/* Must be an IKE packet.. pass it through */
    116. 

  116. -			return 1;
    117. 

  117. +			return 4;
    118. 

  118.  		break;
    119. 

  119.  	case UDP_ENCAP_ESPINUDP_NON_IKE:
    120. 

  120.  		/* Check if this is a keepalive packet.  If so, eat it. */
    121. 

  121. @@ -947,7 +986,7 @@
    122. 

  122.  			len = sizeof(struct udphdr) + 2 * sizeof(u32);
    123. 

  123.  		} else
    124. 

  124.  			/* Must be an IKE packet.. pass it through */
    125. 

  125. -			return 1;
    126. 

  126. +			return 5;
    127. 

  127.  		break;
    128. 

  128.  	}
    129. 

  129.  
    130. 

  130. @@ -1021,10 +1060,14 @@
    131. 

  131.  			return 0;
    132. 

  132.  		}
    133. 

  133.  		if (ret < 0) {
    134. 

  134. -			/* process the ESP packet */
    135. 

  135. -			ret = xfrm4_rcv_encap(skb, up->encap_type);
    136. 

  136. -			UDP_INC_STATS_BH(UDP_MIB_INDATAGRAMS, up->pcflag);
    137. 

  137. -			return -ret;
    138. 

  138. + 			if(xfrm4_rcv_encap_func != NULL) {
    139. 

  139. + 			  ret = (*xfrm4_rcv_encap_func)(skb, up->encap_type);
    140. 

  140. + 			  UDP_INC_STATS_BH(UDP_MIB_INDATAGRAMS, up->pcflag);
    141. 

  141. + 			} else {
    142. 

  142. + 			  UDP_INC_STATS_BH(UDP_MIB_INERRORS, up->pcflag);
    143. 

  143. + 			  ret = 1;
    144. 

  144. + 			}
    145. 

  145. +			return ret;
    146. 

  146.  		}
    147. 

  147.  		/* FALLTHROUGH -- it's a UDP Packet */
    148. 

  148.  	}
    149. 

  149. @@ -1571,3 +1613,9 @@
    150. 

  150.  EXPORT_SYMBOL(udp_proc_register);
    151. 

  151.  EXPORT_SYMBOL(udp_proc_unregister);
    152. 

  152.  #endif
    153. 

  153. +
    154. 

  154. +#if defined(CONFIG_IPSEC_NAT_TRAVERSAL)
    155. 

  155. +EXPORT_SYMBOL(udp4_register_esp_rcvencap);
    156. 

  156. +EXPORT_SYMBOL(udp4_unregister_esp_rcvencap);
    157. 

  157. +#endif
    158. 

  158. +
    159.