git: 9b93b2d8b039 - main - setkey(8): add -esn extension option to enable ESN

From: Konstantin Belousov <kib_at_FreeBSD.org>
Date: Fri, 12 Jul 2024 11:25:02 UTC
The branch main has been updated by kib:

URL: https://cgit.FreeBSD.org/src/commit/?id=9b93b2d8b039e24d8e2505a6aaf8bc1f29863052

commit 9b93b2d8b039e24d8e2505a6aaf8bc1f29863052
Author:     Konstantin Belousov <kib@FreeBSD.org>
AuthorDate: 2023-09-07 12:04:49 +0000
Commit:     Konstantin Belousov <kib@FreeBSD.org>
CommitDate: 2024-07-12 03:29:32 +0000

    setkey(8): add -esn extension option to enable ESN
    
    Sponsored by:   NVIDIA networking
---
 sbin/setkey/parse.y  | 10 ++++++++++
 sbin/setkey/setkey.8 |  2 ++
 sbin/setkey/token.l  |  1 +
 3 files changed, 13 insertions(+)

diff --git a/sbin/setkey/parse.y b/sbin/setkey/parse.y
index 448a8ee5278c..27a0109db333 100644
--- a/sbin/setkey/parse.y
+++ b/sbin/setkey/parse.y
@@ -46,6 +46,7 @@
 
 #include <string.h>
 #include <unistd.h>
+#include <stdbool.h>
 #include <stdio.h>
 #include <stdint.h>
 #include <netdb.h>
@@ -68,6 +69,7 @@ u_int p_natt_type;
 struct addrinfo *p_natt_oai, *p_natt_oar;
 int p_natt_sport, p_natt_dport;
 int p_natt_fraglen;
+bool esn;
 
 static int p_aiflags = 0, p_aifamily = PF_UNSPEC;
 
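Review bot: The new file-scope `bool esn;` drops the `p_` prefix that the neighbouring parser state uses (`p_natt_type`, `p_natt_fraglen`) and, lacking `static`, puts a three-letter name into the program's global namespace. In this commit the variable is only written, set in the `extension` rule and cleared in `parse_init`, and never read. The same fact is already carried by the `SADB_X_SAFLAGS_ESN` bit in `p_ext`, so the two copies have to be kept in sync by hand. Unless another translation unit or a follow-up change reads it, I would declare it as `static bool p_esn;	/* -esn given for the SA being parsed */`, or drop it and test the flag bit instead.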
@@ -115,6 +117,7 @@ extern void yyerror(const char *);
 %token SPDADD SPDDELETE SPDDUMP SPDFLUSH
 %token F_POLICY PL_REQUESTS
 %token F_AIFLAGS F_NATT F_NATT_MTU
+%token F_ESN
 %token TAGGED
 
 %type <num> prefix protocol_spec upper_spec
@@ -539,6 +542,11 @@ extension
 		{
 			p_natt_fraglen = $2;
 		}
+	|	F_ESN
+		{
+			esn = true;
+			p_ext |= SADB_X_SAFLAGS_ESN;
+		}
 	;
 
 	/* definition about command for SPD management */
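Review bot: The `F_ESN` action sets `SADB_X_SAFLAGS_ESN` unconditionally and never checks it against the other options given for the same SA. Extended Sequence Numbers (RFC 4303) exist so that the anti-replay counter does not wrap, so `-esn` combined with no replay window or with cyclic sequence numbers is contradictory. Whether the kernel rejects such a request cannot be seen from this hunk, and `setkey` would pass it on silently. At minimum the action should carry a comment such as `/* ESN: 64-bit sequence numbers; only meaningful with anti-replay enabled */`. The conflicting combination could also be reported through `yyerror` where the SA message is built, which is outside this hunk. It is also worth confirming that `p_ext`, whose other uses are not visible here, is the field that ends up in the SA flags, because the constant is from the `SAFLAGS` family.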
@@ -1355,6 +1363,8 @@ parse_init(void)
 	p_natt_oai = p_natt_oar = NULL;
 	p_natt_sport = p_natt_dport = 0;
 	p_natt_fraglen = -1;
+
+	esn = false;
 }
 
 void
diff --git a/sbin/setkey/setkey.8 b/sbin/setkey/setkey.8
index 88b4dc6fc91f..23a838f76541 100644
--- a/sbin/setkey/setkey.8
+++ b/sbin/setkey/setkey.8
@@ -341,6 +341,8 @@ symbols are part of the syntax for the ports specification,
 not indication of the optional components.
 .It Fl natt_mtu Ar fragsize
 Configure NAT-T fragment size.
+.It Fl esn
+Enable Extended Sequence Number extension for this SA.
 .El
 .\"
 .Pp
diff --git a/sbin/setkey/token.l b/sbin/setkey/token.l
index 054a57ef1015..b96eaf93924c 100644
--- a/sbin/setkey/token.l
+++ b/sbin/setkey/token.l
@@ -187,6 +187,7 @@ nocyclic-seq	{ return(NOCYCLICSEQ); }
 {hyphen}ls	{ return(F_LIFETIME_SOFT); }
 {hyphen}natt	{ return(F_NATT); }
 {hyphen}natt_mtu { return(F_NATT_MTU); }
+{hyphen}esn	{ return(F_ESN); }
 
 	/* ... */
 any		{ return(ANY); }