From: Leonard Crestez <cdleonard@gmail.com>
To: David Ahern <dsahern@kernel.org>,
Dmitry Safonov <0x7f454c46@gmail.com>,
Eric Dumazet <edumazet@google.com>
Cc: Francesco Ruggeri <fruggeri@arista.com>,
Shuah Khan <shuah@kernel.org>,
"David S. Miller" <davem@davemloft.net>,
Herbert Xu <herbert@gondor.apana.org.au>,
Kuniyuki Iwashima <kuniyu@amazon.co.jp>,
Hideaki YOSHIFUJI <yoshfuji@linux-ipv6.org>,
Jakub Kicinski <kuba@kernel.org>,
Yuchung Cheng <ycheng@google.com>,
Mat Martineau <mathew.j.martineau@linux.intel.com>,
Christoph Paasch <cpaasch@apple.com>,
Ivan Delalande <colona@arista.com>,
Priyaranjan Jha <priyarjha@google.com>,
netdev@vger.kernel.org, linux-crypto@vger.kernel.org,
linux-kselftest@vger.kernel.org, linux-kernel@vger.kernel.org
Subject: [PATCH v3 16/18] selftests: nettest: Rename md5_prefix to key_addr_prefix
Date: Wed, 8 Dec 2021 13:37:31 +0200 [thread overview]
Message-ID: <70cc6300b78d75fd36adb57b17e7208c2f0788f4.1638962992.git.cdleonard@gmail.com> (raw)
In-Reply-To: <cover.1638962992.git.cdleonard@gmail.com>
This is in preparation for reusing the same option for TCP-AO
Reviewed-by: David Ahern <dsahern@kernel.org>
Signed-off-by: Leonard Crestez <cdleonard@gmail.com>
---
tools/testing/selftests/net/nettest.c | 50 +++++++++++++--------------
1 file changed, 25 insertions(+), 25 deletions(-)
diff --git a/tools/testing/selftests/net/nettest.c b/tools/testing/selftests/net/nettest.c
index d9a6fd2cd9d3..3841e5fec7c7 100644
--- a/tools/testing/selftests/net/nettest.c
+++ b/tools/testing/selftests/net/nettest.c
@@ -94,17 +94,17 @@ struct sock_args {
const char *clientns;
const char *serverns;
const char *password;
const char *client_pw;
- /* prefix for MD5 password */
- const char *md5_prefix_str;
+ /* prefix for MD5/AO*/
+ const char *key_addr_prefix_str;
union {
struct sockaddr_in v4;
struct sockaddr_in6 v6;
- } md5_prefix;
- unsigned int prefix_len;
+ } key_addr;
+ unsigned int key_addr_prefix_len;
/* 0: default, -1: force off, +1: force on */
int bind_key_ifindex;
/* expected addresses and device index for connection */
const char *expected_dev;
@@ -264,16 +264,16 @@ static int tcp_md5sig(int sd, void *addr, socklen_t alen, struct sock_args *args
int rc;
md5sig.tcpm_keylen = keylen;
memcpy(md5sig.tcpm_key, args->password, keylen);
- if (args->prefix_len) {
+ if (args->key_addr_prefix_len) {
opt = TCP_MD5SIG_EXT;
md5sig.tcpm_flags |= TCP_MD5SIG_FLAG_PREFIX;
- md5sig.tcpm_prefixlen = args->prefix_len;
- addr = &args->md5_prefix;
+ md5sig.tcpm_prefixlen = args->key_addr_prefix_len;
+ addr = &args->key_addr;
}
memcpy(&md5sig.tcpm_addr, addr, alen);
if ((args->ifindex && args->bind_key_ifindex >= 0) || args->bind_key_ifindex >= 1) {
opt = TCP_MD5SIG_EXT;
@@ -309,17 +309,17 @@ static int tcp_md5_remote(int sd, struct sock_args *args)
int alen;
switch (args->version) {
case AF_INET:
sin.sin_port = htons(args->port);
- sin.sin_addr = args->md5_prefix.v4.sin_addr;
+ sin.sin_addr = args->key_addr.v4.sin_addr;
addr = &sin;
alen = sizeof(sin);
break;
case AF_INET6:
sin6.sin6_port = htons(args->port);
- sin6.sin6_addr = args->md5_prefix.v6.sin6_addr;
+ sin6.sin6_addr = args->key_addr.v6.sin6_addr;
addr = &sin6;
alen = sizeof(sin6);
break;
default:
log_error("unknown address family\n");
@@ -705,11 +705,11 @@ enum addr_type {
ADDR_TYPE_LOCAL,
ADDR_TYPE_REMOTE,
ADDR_TYPE_MCAST,
ADDR_TYPE_EXPECTED_LOCAL,
ADDR_TYPE_EXPECTED_REMOTE,
- ADDR_TYPE_MD5_PREFIX,
+ ADDR_TYPE_KEY_PREFIX,
};
static int convert_addr(struct sock_args *args, const char *_str,
enum addr_type atype)
{
@@ -745,32 +745,32 @@ static int convert_addr(struct sock_args *args, const char *_str,
break;
case ADDR_TYPE_EXPECTED_REMOTE:
desc = "expected remote";
addr = &args->expected_raddr;
break;
- case ADDR_TYPE_MD5_PREFIX:
- desc = "md5 prefix";
+ case ADDR_TYPE_KEY_PREFIX:
+ desc = "key addr prefix";
if (family == AF_INET) {
- args->md5_prefix.v4.sin_family = AF_INET;
- addr = &args->md5_prefix.v4.sin_addr;
+ args->key_addr.v4.sin_family = AF_INET;
+ addr = &args->key_addr.v4.sin_addr;
} else if (family == AF_INET6) {
- args->md5_prefix.v6.sin6_family = AF_INET6;
- addr = &args->md5_prefix.v6.sin6_addr;
+ args->key_addr.v6.sin6_family = AF_INET6;
+ addr = &args->key_addr.v6.sin6_addr;
} else
return 1;
sep = strchr(str, '/');
if (sep) {
*sep = '\0';
sep++;
if (str_to_uint(sep, 1, pfx_len_max,
- &args->prefix_len) != 0) {
- fprintf(stderr, "Invalid port\n");
+ &args->key_addr_prefix_len) != 0) {
+ fprintf(stderr, "Invalid prefix\n");
return 1;
}
} else {
- args->prefix_len = 0;
+ args->key_addr_prefix_len = 0;
}
break;
default:
log_error("unknown address type\n");
exit(1);
@@ -835,13 +835,13 @@ static int validate_addresses(struct sock_args *args)
if (args->remote_addr_str &&
convert_addr(args, args->remote_addr_str, ADDR_TYPE_REMOTE) < 0)
return 1;
- if (args->md5_prefix_str &&
- convert_addr(args, args->md5_prefix_str,
- ADDR_TYPE_MD5_PREFIX) < 0)
+ if (args->key_addr_prefix_str &&
+ convert_addr(args, args->key_addr_prefix_str,
+ ADDR_TYPE_KEY_PREFIX) < 0)
return 1;
if (args->expected_laddr_str &&
convert_addr(args, args->expected_laddr_str,
ADDR_TYPE_EXPECTED_LOCAL))
@@ -2020,11 +2020,11 @@ int main(int argc, char *argv[])
break;
case 'X':
args.client_pw = optarg;
break;
case 'm':
- args.md5_prefix_str = optarg;
+ args.key_addr_prefix_str = optarg;
break;
case 'S':
args.use_setsockopt = 1;
break;
case 'f':
@@ -2079,17 +2079,17 @@ int main(int argc, char *argv[])
return 1;
}
}
if (args.password &&
- ((!args.has_remote_ip && !args.md5_prefix_str) ||
+ ((!args.has_remote_ip && !args.key_addr_prefix_str) ||
args.type != SOCK_STREAM)) {
log_error("MD5 passwords apply to TCP only and require a remote ip for the password\n");
return 1;
}
- if (args.md5_prefix_str && !args.password) {
+ if (args.key_addr_prefix_str && !args.password) {
log_error("Prefix range for MD5 protection specified without a password\n");
return 1;
}
if (iter == 0) {
--
2.25.1
next prev parent reply other threads:[~2021-12-08 11:40 UTC|newest]
Thread overview: 20+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-12-08 11:37 [PATCH v3 00/18] tcp: Initial support for RFC5925 auth option Leonard Crestez
2021-12-08 11:37 ` [PATCH v3 01/18] tcp: authopt: Initial support and key management Leonard Crestez
2021-12-08 11:37 ` [PATCH v3 02/18] docs: Add user documentation for tcp_authopt Leonard Crestez
2021-12-08 11:37 ` [PATCH v3 03/18] tcp: authopt: Add crypto initialization Leonard Crestez
2021-12-08 11:37 ` [PATCH v3 04/18] tcp: md5: Refactor tcp_sig_hash_skb_data for AO Leonard Crestez
2021-12-08 11:37 ` [PATCH v3 05/18] tcp: authopt: Compute packet signatures Leonard Crestez
2021-12-08 11:37 ` [PATCH v3 06/18] tcp: authopt: Hook into tcp core Leonard Crestez
2021-12-08 11:37 ` [PATCH v3 07/18] tcp: authopt: Disable via sysctl by default Leonard Crestez
2021-12-08 11:37 ` [PATCH v3 08/18] tcp: authopt: Implement Sequence Number Extension Leonard Crestez
2021-12-08 11:37 ` [PATCH v3 09/18] tcp: ipv6: Add AO signing for tcp_v6_send_response Leonard Crestez
2021-12-08 11:37 ` [PATCH v3 10/18] tcp: authopt: Add support for signing skb-less replies Leonard Crestez
2021-12-08 11:37 ` [PATCH v3 11/18] tcp: ipv4: Add AO signing for " Leonard Crestez
2021-12-08 11:37 ` [PATCH v3 12/18] tcp: authopt: Add key selection controls Leonard Crestez
2021-12-08 11:37 ` [PATCH v3 13/18] tcp: authopt: Add initial l3index support Leonard Crestez
2021-12-08 11:37 ` [PATCH v3 14/18] tcp: authopt: Add NOSEND/NORECV flags Leonard Crestez
2021-12-08 11:37 ` [PATCH v3 15/18] tcp: authopt: Add prefixlen support Leonard Crestez
2021-12-08 11:37 ` Leonard Crestez [this message]
2021-12-08 11:37 ` [PATCH v3 17/18] selftests: nettest: Initial tcp_authopt support Leonard Crestez
2021-12-08 11:37 ` [PATCH v3 18/18] selftests: net/fcnal: " Leonard Crestez
2021-12-13 10:31 ` [PATCH v3 00/18] tcp: Initial support for RFC5925 auth option Leonard Crestez
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=70cc6300b78d75fd36adb57b17e7208c2f0788f4.1638962992.git.cdleonard@gmail.com \
--to=cdleonard@gmail.com \
--cc=0x7f454c46@gmail.com \
--cc=colona@arista.com \
--cc=cpaasch@apple.com \
--cc=davem@davemloft.net \
--cc=dsahern@kernel.org \
--cc=edumazet@google.com \
--cc=fruggeri@arista.com \
--cc=herbert@gondor.apana.org.au \
--cc=kuba@kernel.org \
--cc=kuniyu@amazon.co.jp \
--cc=linux-crypto@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-kselftest@vger.kernel.org \
--cc=mathew.j.martineau@linux.intel.com \
--cc=netdev@vger.kernel.org \
--cc=priyarjha@google.com \
--cc=shuah@kernel.org \
--cc=ycheng@google.com \
--cc=yoshfuji@linux-ipv6.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).