[Pkg-swan-devel] [strongswan] 06/10: Add patch to fix IPv6 source adress selection
Yves-Alexis Perez
corsac at moszumanska.debian.org
Wed Nov 4 19:42:37 UTC 2015
This is an automated email from the git hooks/post-receive script.
corsac pushed a commit to annotated tag v5.3.3-1
in repository strongswan.
commit a9533d350af941e9bdd656f349a1bbb07911a422
Author: Yves-Alexis Perez <corsac at debian.org>
Date: Mon Nov 2 21:01:26 2015 +0100
Add patch to fix IPv6 source adress selection
0001-socket-default-Refactor-setting-source-address-when- added (taken from
ab8337b in the socket-default-refactor branch), fix source address selection
with IPv6
---
debian/changelog | 4 +
...ult-Refactor-setting-source-address-when-.patch | 199 +++++++++++++++++++++
debian/patches/series | 1 +
3 files changed, 204 insertions(+)
diff --git a/debian/changelog b/debian/changelog
index 7c47e09..29758e6 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -9,6 +9,10 @@ strongswan (5.3.3-1) UNRELEASED; urgency=medium
* New upstream release. closes: #803772
* debian/strongswan-starter.install:
- install new pki --dn manpage to ipsec-starter package.
+ * debian/patches:
+ - 0001-socket-default-Refactor-setting-source-address-when- added (taken
+ from ab8337b in the socket-default-refactor branch), fix source address
+ selection with IPv6
-- Yves-Alexis Perez <corsac at debian.org> Thu, 22 Oct 2015 11:44:21 +0200
diff --git a/debian/patches/0001-socket-default-Refactor-setting-source-address-when-.patch b/debian/patches/0001-socket-default-Refactor-setting-source-address-when-.patch
new file mode 100644
index 0000000..4bb774f
--- /dev/null
+++ b/debian/patches/0001-socket-default-Refactor-setting-source-address-when-.patch
@@ -0,0 +1,199 @@
+From ab8337b3e8e5d4b8650b7d03b7193c7e734554f0 Mon Sep 17 00:00:00 2001
+From: Tobias Brunner <tobias at strongswan.org>
+Date: Mon, 2 Nov 2015 16:22:38 +0100
+Subject: [PATCH] socket-default: Refactor setting source address when sending
+ messages
+
+This ensures we don't pass data (via msg_control) defined in a different
+scope to sendmsg() and also makes the code clearer than with the interleaving
+ifdefs.
+---
+ .../plugins/socket_default/socket_default_socket.c | 153 ++++++++++++++-------
+ 1 file changed, 107 insertions(+), 46 deletions(-)
+
+diff --git a/src/libcharon/plugins/socket_default/socket_default_socket.c b/src/libcharon/plugins/socket_default/socket_default_socket.c
+index 5585377..c9a2d51 100644
+--- a/src/libcharon/plugins/socket_default/socket_default_socket.c
++++ b/src/libcharon/plugins/socket_default/socket_default_socket.c
+@@ -355,6 +355,107 @@ METHOD(socket_t, receiver, status_t,
+ return SUCCESS;
+ }
+
++/**
++ * Generic function to send a message.
++ */
++static ssize_t send_msg_generic(int skt, struct msghdr *msg)
++{
++ return sendmsg(skt, msg, 0);
++}
++
++/**
++ * Send a message with the IPv4 source address set, if possible.
++ */
++#ifdef IP_PKTINFO
++
++static ssize_t send_msg_v4(int skt, struct msghdr *msg, host_t *src)
++{
++ char buf[CMSG_SPACE(sizeof(struct in_pktinfo))] = {};
++ struct cmsghdr *cmsg;
++ struct in_addr *addr;
++ struct in_pktinfo *pktinfo;
++ struct sockaddr_in *sin;
++
++ msg->msg_control = buf;
++ msg->msg_controllen = sizeof(buf);
++ cmsg = CMSG_FIRSTHDR(msg);
++ cmsg->cmsg_level = SOL_IP;
++ cmsg->cmsg_type = IP_PKTINFO;
++ cmsg->cmsg_len = CMSG_LEN(sizeof(struct in_pktinfo));
++
++ pktinfo = (struct in_pktinfo*)CMSG_DATA(cmsg);
++ addr = &pktinfo->ipi_spec_dst;
++
++ sin = (struct sockaddr_in*)src->get_sockaddr(src);
++ memcpy(addr, &sin->sin_addr, sizeof(struct in_addr));
++ return send_msg_generic(skt, msg);
++}
++
++#elif defined(IP_SENDSRCADDR)
++
++static ssize_t send_msg_v4(int skt, struct msghdr *msg, host_t *src)
++{
++ char buf[CMSG_SPACE(sizeof(struct in_addr))] = {};
++ struct cmsghdr *cmsg;
++ struct in_addr *addr;
++ struct sockaddr_in *sin;
++
++ msg->msg_control = buf;
++ msg->msg_controllen = sizeof(buf);
++ cmsg = CMSG_FIRSTHDR(msg);
++ cmsg->cmsg_level = SOL_IP;
++ cmsg->cmsg_type = IP_SENDSRCADDR;
++ cmsg->cmsg_len = CMSG_LEN(sizeof(struct in_addr));
++
++ addr = (struct in_addr*)CMSG_DATA(cmsg);
++
++ sin = (struct sockaddr_in*)src->get_sockaddr(src);
++ memcpy(addr, &sin->sin_addr, sizeof(struct in_addr));
++ return send_msg_generic(skt, msg);
++}
++
++#else /* IP_PKTINFO || IP_RECVDSTADDR */
++
++static ssize_t send_msg_v4(int skt, struct msghdr *msg, host_t *src)
++{
++ return send_msg_generic(skt, msg);
++}
++
++#endif /* IP_PKTINFO || IP_RECVDSTADDR */
++
++/**
++ * Send a message with the IPv6 source address set, if possible.
++ */
++#ifdef HAVE_IN6_PKTINFO
++
++static ssize_t send_msg_v6(int skt, struct msghdr *msg, host_t *src)
++{
++ char buf[CMSG_SPACE(sizeof(struct in6_pktinfo))] = {};
++ struct cmsghdr *cmsg;
++ struct in6_pktinfo *pktinfo;
++ struct sockaddr_in6 *sin;
++
++ msg->msg_control = buf;
++ msg->msg_controllen = sizeof(buf);
++ cmsg = CMSG_FIRSTHDR(msg);
++ cmsg->cmsg_level = SOL_IPV6;
++ cmsg->cmsg_type = IPV6_PKTINFO;
++ cmsg->cmsg_len = CMSG_LEN(sizeof(struct in6_pktinfo));
++ pktinfo = (struct in6_pktinfo*)CMSG_DATA(cmsg);
++ sin = (struct sockaddr_in6*)src->get_sockaddr(src);
++ memcpy(&pktinfo->ipi6_addr, &sin->sin6_addr, sizeof(struct in6_addr));
++ return send_msg_generic(skt, msg);
++}
++
++#else /* HAVE_IN6_PKTINFO */
++
++static ssize_t send_msg_v6(int skt, struct msghdr *msg, host_t *src)
++{
++ return send_msg_generic(skt, msg);
++}
++
++#endif /* HAVE_IN6_PKTINFO */
++
+ METHOD(socket_t, sender, status_t,
+ private_socket_default_socket_t *this, packet_t *packet)
+ {
+@@ -363,7 +464,6 @@ METHOD(socket_t, sender, status_t,
+ chunk_t data;
+ host_t *src, *dst;
+ struct msghdr msg;
+- struct cmsghdr *cmsg;
+ struct iovec iov;
+ u_int8_t *dscp;
+
+@@ -465,56 +565,17 @@ METHOD(socket_t, sender, status_t,
+ {
+ if (family == AF_INET)
+ {
+-#if defined(IP_PKTINFO) || defined(IP_SENDSRCADDR)
+- struct in_addr *addr;
+- struct sockaddr_in *sin;
+-#ifdef IP_PKTINFO
+- char buf[CMSG_SPACE(sizeof(struct in_pktinfo))];
+- struct in_pktinfo *pktinfo;
+-#elif defined(IP_SENDSRCADDR)
+- char buf[CMSG_SPACE(sizeof(struct in_addr))];
+-#endif
+- memset(buf, 0, sizeof(buf));
+- msg.msg_control = buf;
+- msg.msg_controllen = sizeof(buf);
+- cmsg = CMSG_FIRSTHDR(&msg);
+- cmsg->cmsg_level = SOL_IP;
+-#ifdef IP_PKTINFO
+- cmsg->cmsg_type = IP_PKTINFO;
+- cmsg->cmsg_len = CMSG_LEN(sizeof(struct in_pktinfo));
+- pktinfo = (struct in_pktinfo*)CMSG_DATA(cmsg);
+- addr = &pktinfo->ipi_spec_dst;
+-#elif defined(IP_SENDSRCADDR)
+- cmsg->cmsg_type = IP_SENDSRCADDR;
+- cmsg->cmsg_len = CMSG_LEN(sizeof(struct in_addr));
+- addr = (struct in_addr*)CMSG_DATA(cmsg);
+-#endif
+- sin = (struct sockaddr_in*)src->get_sockaddr(src);
+- memcpy(addr, &sin->sin_addr, sizeof(struct in_addr));
+-#endif /* IP_PKTINFO || IP_SENDSRCADDR */
++ bytes_sent = send_msg_v4(skt, &msg, src);
+ }
+-#ifdef HAVE_IN6_PKTINFO
+ else
+ {
+- char buf[CMSG_SPACE(sizeof(struct in6_pktinfo))];
+- struct in6_pktinfo *pktinfo;
+- struct sockaddr_in6 *sin;
+-
+- memset(buf, 0, sizeof(buf));
+- msg.msg_control = buf;
+- msg.msg_controllen = sizeof(buf);
+- cmsg = CMSG_FIRSTHDR(&msg);
+- cmsg->cmsg_level = SOL_IPV6;
+- cmsg->cmsg_type = IPV6_PKTINFO;
+- cmsg->cmsg_len = CMSG_LEN(sizeof(struct in6_pktinfo));
+- pktinfo = (struct in6_pktinfo*)CMSG_DATA(cmsg);
+- sin = (struct sockaddr_in6*)src->get_sockaddr(src);
+- memcpy(&pktinfo->ipi6_addr, &sin->sin6_addr, sizeof(struct in6_addr));
++ bytes_sent = send_msg_v6(skt, &msg, src);
+ }
+-#endif /* HAVE_IN6_PKTINFO */
+ }
+-
+- bytes_sent = sendmsg(skt, &msg, 0);
++ else
++ {
++ bytes_sent = send_msg_generic(skt, &msg);
++ }
+
+ if (bytes_sent != data.len)
+ {
+--
+2.6.2
+
diff --git a/debian/patches/series b/debian/patches/series
index 6d7cc1d..f96ab58 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -1,3 +1,4 @@
01_fix-manpages.patch
03_systemd-service.patch
04_disable-libtls-tests.patch
+0001-socket-default-Refactor-setting-source-address-when-.patch
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-swan/strongswan.git
More information about the Pkg-swan-devel
mailing list