git: 9b93b2d8b039 - main - setkey(8): add -esn extension option to enable ESN
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Fri, 12 Jul 2024 11:25:02 UTC
The branch main has been updated by kib: URL: https://cgit.FreeBSD.org/src/commit/?id=9b93b2d8b039e24d8e2505a6aaf8bc1f29863052 commit 9b93b2d8b039e24d8e2505a6aaf8bc1f29863052 Author: Konstantin Belousov <kib@FreeBSD.org> AuthorDate: 2023-09-07 12:04:49 +0000 Commit: Konstantin Belousov <kib@FreeBSD.org> CommitDate: 2024-07-12 03:29:32 +0000 setkey(8): add -esn extension option to enable ESN Sponsored by: NVIDIA networking --- sbin/setkey/parse.y | 10 ++++++++++ sbin/setkey/setkey.8 | 2 ++ sbin/setkey/token.l | 1 + 3 files changed, 13 insertions(+) diff --git a/sbin/setkey/parse.y b/sbin/setkey/parse.y index 448a8ee5278c..27a0109db333 100644 --- a/sbin/setkey/parse.y +++ b/sbin/setkey/parse.y @@ -46,6 +46,7 @@ #include <string.h> #include <unistd.h> +#include <stdbool.h> #include <stdio.h> #include <stdint.h> #include <netdb.h> @@ -68,6 +69,7 @@ u_int p_natt_type; struct addrinfo *p_natt_oai, *p_natt_oar; int p_natt_sport, p_natt_dport; int p_natt_fraglen; +bool esn; static int p_aiflags = 0, p_aifamily = PF_UNSPEC; @@ -115,6 +117,7 @@ extern void yyerror(const char *); %token SPDADD SPDDELETE SPDDUMP SPDFLUSH %token F_POLICY PL_REQUESTS %token F_AIFLAGS F_NATT F_NATT_MTU +%token F_ESN %token TAGGED %type <num> prefix protocol_spec upper_spec @@ -539,6 +542,11 @@ extension { p_natt_fraglen = $2; } + | F_ESN + { + esn = true; + p_ext |= SADB_X_SAFLAGS_ESN; + } ; /* definition about command for SPD management */ @@ -1355,6 +1363,8 @@ parse_init(void) p_natt_oai = p_natt_oar = NULL; p_natt_sport = p_natt_dport = 0; p_natt_fraglen = -1; + + esn = false; } void diff --git a/sbin/setkey/setkey.8 b/sbin/setkey/setkey.8 index 88b4dc6fc91f..23a838f76541 100644 --- a/sbin/setkey/setkey.8 +++ b/sbin/setkey/setkey.8 @@ -341,6 +341,8 @@ symbols are part of the syntax for the ports specification, not indication of the optional components. .It Fl natt_mtu Ar fragsize Configure NAT-T fragment size. +.It Fl esn +Enable Extended Sequence Number extension for this SA. .El .\" .Pp diff --git a/sbin/setkey/token.l b/sbin/setkey/token.l index 054a57ef1015..b96eaf93924c 100644 --- a/sbin/setkey/token.l +++ b/sbin/setkey/token.l @@ -187,6 +187,7 @@ nocyclic-seq { return(NOCYCLICSEQ); } {hyphen}ls { return(F_LIFETIME_SOFT); } {hyphen}natt { return(F_NATT); } {hyphen}natt_mtu { return(F_NATT_MTU); } +{hyphen}esn { return(F_ESN); } /* ... */ any { return(ANY); }