summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorMasahide NAKAMURA <nakam@linux-ipv6.org>2007-02-09 21:22:16 -0800
committerDavid S. Miller <davem@sunset.davemloft.net>2007-02-10 23:20:47 -0800
commitbda390d5c883d5dff1f3ae2bade4c25869769894 (patch)
treefeb2196ff29a5d78098047c546b2c0162b5cb659
parent1e19e02ca0c5e33ea73a25127dbe6c3b8fcaac4b (diff)
downloadkernel-crypto-bda390d5c883d5dff1f3ae2bade4c25869769894.tar.gz
kernel-crypto-bda390d5c883d5dff1f3ae2bade4c25869769894.tar.xz
kernel-crypto-bda390d5c883d5dff1f3ae2bade4c25869769894.zip
[XFRM] IPV6: Fix outbound RO transformation which is broken by IPsec tunnel patch.
It seems to miss RO mode path by IPv6 over IPv4 IPsec tunnel patch when it changed semantics to check the mode from "xfrm[i]->props.mode != XFRM_MODE_TRANSPORT" to "xfrm[i]->props.mode == XFRM_MODE_TUNNEL" before changing address. It also makes two incline functions __xfrm6_bundle_addr_{remote,local} are used by nobody. This patch fixes it. Signed-off-by: Masahide NAKAMURA <nakam@linux-ipv6.org> Signed-off-by: David S. Miller <davem@davemloft.net>
-rw-r--r--net/ipv6/xfrm6_policy.c8
1 files changed, 5 insertions, 3 deletions
diff --git a/net/ipv6/xfrm6_policy.c b/net/ipv6/xfrm6_policy.c
index 55f650c4967..b1133f27c8a 100644
--- a/net/ipv6/xfrm6_policy.c
+++ b/net/ipv6/xfrm6_policy.c
@@ -178,7 +178,8 @@ __xfrm6_bundle_create(struct xfrm_policy *policy, struct xfrm_state **xfrm, int
__xfrm6_bundle_len_inc(&header_len, &nfheader_len, xfrm[i]);
trailer_len += xfrm[i]->props.trailer_len;
- if (xfrm[i]->props.mode == XFRM_MODE_TUNNEL) {
+ if (xfrm[i]->props.mode == XFRM_MODE_TUNNEL ||
+ xfrm[i]->props.mode == XFRM_MODE_ROUTEOPTIMIZATION) {
unsigned short encap_family = xfrm[i]->props.family;
switch(encap_family) {
case AF_INET:
@@ -186,8 +187,9 @@ __xfrm6_bundle_create(struct xfrm_policy *policy, struct xfrm_state **xfrm, int
fl_tunnel.fl4_src = xfrm[i]->props.saddr.a4;
break;
case AF_INET6:
- ipv6_addr_copy(&fl_tunnel.fl6_dst, (struct in6_addr*)&xfrm[i]->id.daddr.a6);
- ipv6_addr_copy(&fl_tunnel.fl6_src, (struct in6_addr*)&xfrm[i]->props.saddr.a6);
+ ipv6_addr_copy(&fl_tunnel.fl6_dst, __xfrm6_bundle_addr_remote(xfrm[i], &fl->fl6_dst));
+
+ ipv6_addr_copy(&fl_tunnel.fl6_src, __xfrm6_bundle_addr_remote(xfrm[i], &fl->fl6_src));
break;
default:
BUG_ON(1);