* iproute2 small patches for xfrm
@ 2014-08-01 11:16 Jaroslav Šafka
2014-08-01 16:05 ` Stephen Hemminger
0 siblings, 1 reply; 2+ messages in thread
From: Jaroslav Šafka @ 2014-08-01 11:16 UTC (permalink / raw)
To: netdev
[-- Attachment #1: Type: text/plain, Size: 518 bytes --]
Hi,
I found the tool "ip xfrm" is not able to add "cipher_null" because there is
no possibility to set key with zero length.
I solved it by this change:
- if (slen > 2 && strncmp(key, "0x", 2) == 0) {
+ if (slen >= 2 && strncmp(key, "0x", 2) == 0) {
By this change you can specify key as "0x" which will pass for key existence
and set key len to 0.
this patch is against version iproute2-3.14.0
Second patch enable use proto ip. Because it is supported by kernel.
Have a nice day :)
Regards
Jarek
[-- Attachment #2: cipher_null.patch --]
[-- Type: text/x-patch, Size: 464 bytes --]
diff --git a/ip/xfrm_state.c b/ip/xfrm_state.c
index 140a450..d7d13c8 100644
--- a/ip/xfrm_state.c
+++ b/ip/xfrm_state.c
@@ -125,7 +125,7 @@ static int xfrm_algo_parse(struct xfrm_algo *alg, enum xfrm_attr_type_t type,
strncpy(alg->alg_name, name, sizeof(alg->alg_name));
- if (slen > 2 && strncmp(key, "0x", 2) == 0) {
+ if (slen >= 2 && strncmp(key, "0x", 2) == 0) {
/* split two chars "0x" from the top */
char *p = key + 2;
int plen = slen - 2;
[-- Attachment #3: proto_ip.patch --]
[-- Type: text/x-patch, Size: 349 bytes --]
diff --git a/ip/ipxfrm.c b/ip/ipxfrm.c
index cce5151..05e4098 100644
--- a/ip/ipxfrm.c
+++ b/ip/ipxfrm.c
@@ -1280,6 +1281,7 @@ static int xfrm_selector_upspec_parse(struct xfrm_selector *sel,
missarg("UPSPEC");
if (sportp || dportp) {
switch (sel->proto) {
+ case IPPROTO_IP:
case IPPROTO_TCP:
case IPPROTO_UDP:
case IPPROTO_SCTP:
^ permalink raw reply related [flat|nested] 2+ messages in thread
* Re: iproute2 small patches for xfrm
2014-08-01 11:16 iproute2 small patches for xfrm Jaroslav Šafka
@ 2014-08-01 16:05 ` Stephen Hemminger
0 siblings, 0 replies; 2+ messages in thread
From: Stephen Hemminger @ 2014-08-01 16:05 UTC (permalink / raw)
To: Jaroslav Šafka; +Cc: netdev
On Fri, 01 Aug 2014 13:16:09 +0200
Jaroslav Šafka <jaroslav.safka@tieto.com> wrote:
> Hi,
> I found the tool "ip xfrm" is not able to add "cipher_null" because there is
> no possibility to set key with zero length.
>
> I solved it by this change:
>
> - if (slen > 2 && strncmp(key, "0x", 2) == 0) {
> + if (slen >= 2 && strncmp(key, "0x", 2) == 0) {
>
> By this change you can specify key as "0x" which will pass for key existence
> and set key len to 0.
>
> this patch is against version iproute2-3.14.0
>
> Second patch enable use proto ip. Because it is supported by kernel.
>
> Have a nice day :)
>
> Regards
> Jarek
Please format patches in same manner as kernel patches as described
in Documentation/SubmittingPatches. One patch per email; email with [PATCH]
in subject line; and please don't use attachments if possible.
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2014-08-01 16:05 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2014-08-01 11:16 iproute2 small patches for xfrm Jaroslav Šafka
2014-08-01 16:05 ` Stephen Hemminger
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.