All of lore.kernel.org
 help / color / mirror / Atom feed
* iproute2 small patches for xfrm
@ 2014-08-01 11:16 Jaroslav Šafka
  2014-08-01 16:05 ` Stephen Hemminger
  0 siblings, 1 reply; 2+ messages in thread
From: Jaroslav Šafka @ 2014-08-01 11:16 UTC (permalink / raw)
  To: netdev

[-- Attachment #1: Type: text/plain, Size: 518 bytes --]

Hi,
I found the tool "ip xfrm" is not able to add "cipher_null" because there is 
no possibility to set key with zero length.

I solved it by this change:

-       if (slen > 2 && strncmp(key, "0x", 2) == 0) {
+       if (slen >= 2 && strncmp(key, "0x", 2) == 0) {

By this change you can specify key as "0x" which will pass for key existence 
and set key len to 0.

this patch is against version iproute2-3.14.0

Second patch enable use proto ip. Because it is supported by kernel.

Have a nice day :)

Regards
Jarek

[-- Attachment #2: cipher_null.patch --]
[-- Type: text/x-patch, Size: 464 bytes --]

diff --git a/ip/xfrm_state.c b/ip/xfrm_state.c
index 140a450..d7d13c8 100644
--- a/ip/xfrm_state.c
+++ b/ip/xfrm_state.c
@@ -125,7 +125,7 @@ static int xfrm_algo_parse(struct xfrm_algo *alg, enum xfrm_attr_type_t type,
 
 	strncpy(alg->alg_name, name, sizeof(alg->alg_name));
 
-	if (slen > 2 && strncmp(key, "0x", 2) == 0) {
+	if (slen >= 2 && strncmp(key, "0x", 2) == 0) {
 		/* split two chars "0x" from the top */
 		char *p = key + 2;
 		int plen = slen - 2;

[-- Attachment #3: proto_ip.patch --]
[-- Type: text/x-patch, Size: 349 bytes --]

diff --git a/ip/ipxfrm.c b/ip/ipxfrm.c
index cce5151..05e4098 100644
--- a/ip/ipxfrm.c
+++ b/ip/ipxfrm.c
@@ -1280,6 +1281,7 @@ static int xfrm_selector_upspec_parse(struct xfrm_selector *sel,
 		missarg("UPSPEC");
 	if (sportp || dportp) {
 		switch (sel->proto) {
+		case IPPROTO_IP:
 		case IPPROTO_TCP:
 		case IPPROTO_UDP:
 		case IPPROTO_SCTP:

^ permalink raw reply related	[flat|nested] 2+ messages in thread
* Re: iproute2 small patches for xfrm
  2014-08-01 11:16 iproute2 small patches for xfrm Jaroslav Šafka
@ 2014-08-01 16:05 ` Stephen Hemminger
  0 siblings, 0 replies; 2+ messages in thread
From: Stephen Hemminger @ 2014-08-01 16:05 UTC (permalink / raw)
  To: Jaroslav Šafka; +Cc: netdev

On Fri, 01 Aug 2014 13:16:09 +0200
Jaroslav Šafka <jaroslav.safka@tieto.com> wrote:

> Hi,
> I found the tool "ip xfrm" is not able to add "cipher_null" because there is 
> no possibility to set key with zero length.
> 
> I solved it by this change:
> 
> -       if (slen > 2 && strncmp(key, "0x", 2) == 0) {
> +       if (slen >= 2 && strncmp(key, "0x", 2) == 0) {
> 
> By this change you can specify key as "0x" which will pass for key existence 
> and set key len to 0.
> 
> this patch is against version iproute2-3.14.0
> 
> Second patch enable use proto ip. Because it is supported by kernel.
> 
> Have a nice day :)
> 
> Regards
> Jarek

Please format patches in same manner as kernel patches as described
in Documentation/SubmittingPatches.  One patch per email; email with [PATCH]
in subject line; and please don't use attachments if possible.

^ permalink raw reply	[flat|nested] 2+ messages in thread
end of thread, other threads:[~2014-08-01 16:05 UTC | newest]

Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2014-08-01 11:16 iproute2 small patches for xfrm Jaroslav Šafka
2014-08-01 16:05 ` Stephen Hemminger

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.