iproute2 small patches for xfrm

All of lore.kernel.org
 help / color / mirror / Atom feed

From: "Jaroslav Šafka" <jaroslav.safka@tieto.com>
To: netdev@vger.kernel.org
Subject: iproute2 small patches for xfrm
Date: Fri, 01 Aug 2014 13:16:09 +0200	[thread overview]
Message-ID: <2141002.LfKmUBSlWz@ul001176> (raw)

[-- Attachment #1: Type: text/plain, Size: 518 bytes --]

Hi,
I found the tool "ip xfrm" is not able to add "cipher_null" because there is 
no possibility to set key with zero length.

I solved it by this change:

-       if (slen > 2 && strncmp(key, "0x", 2) == 0) {
+       if (slen >= 2 && strncmp(key, "0x", 2) == 0) {

By this change you can specify key as "0x" which will pass for key existence 
and set key len to 0.

this patch is against version iproute2-3.14.0

Second patch enable use proto ip. Because it is supported by kernel.

Have a nice day :)

Regards
Jarek

[-- Attachment #2: cipher_null.patch --]
[-- Type: text/x-patch, Size: 464 bytes --]

diff --git a/ip/xfrm_state.c b/ip/xfrm_state.c
index 140a450..d7d13c8 100644
--- a/ip/xfrm_state.c
+++ b/ip/xfrm_state.c
@@ -125,7 +125,7 @@ static int xfrm_algo_parse(struct xfrm_algo *alg, enum xfrm_attr_type_t type,
 
 	strncpy(alg->alg_name, name, sizeof(alg->alg_name));
 
-	if (slen > 2 && strncmp(key, "0x", 2) == 0) {
+	if (slen >= 2 && strncmp(key, "0x", 2) == 0) {
 		/* split two chars "0x" from the top */
 		char *p = key + 2;
 		int plen = slen - 2;

[-- Attachment #3: proto_ip.patch --]
[-- Type: text/x-patch, Size: 349 bytes --]

diff --git a/ip/ipxfrm.c b/ip/ipxfrm.c
index cce5151..05e4098 100644
--- a/ip/ipxfrm.c
+++ b/ip/ipxfrm.c
@@ -1280,6 +1281,7 @@ static int xfrm_selector_upspec_parse(struct xfrm_selector *sel,
 		missarg("UPSPEC");
 	if (sportp || dportp) {
 		switch (sel->proto) {
+		case IPPROTO_IP:
 		case IPPROTO_TCP:
 		case IPPROTO_UDP:
 		case IPPROTO_SCTP:

next             reply	other threads:[~2014-08-01 11:16 UTC|newest]

Thread overview: 2+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2014-08-01 11:16 Jaroslav Šafka [this message]
2014-08-01 16:05 ` iproute2 small patches for xfrm Stephen Hemminger

find likely ancestor, descendant, or conflicting patches for this message:
( dfblob:140a450 dfblob:d7d13c8 dfblob:cce5151 dfblob:05e4098 )
 OR (
bs:"iproute2 small patches for xfrm" )
	(help)

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=2141002.LfKmUBSlWz@ul001176 \
    --to=jaroslav.safka@tieto.com \
    --cc=netdev@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.