svn commit: r308930 - projects/ipsec/sys/netipsec
Andrey V. Elsukov
ae at FreeBSD.org
Mon Nov 21 18:20:30 UTC 2016
Author: ae
Date: Mon Nov 21 18:20:28 2016
New Revision: 308930
URL: https://svnweb.freebsd.org/changeset/base/308930
Log:
Introduce SADB_CHECKHDR() and SADB_CHECKLEN() macros.
SADB_CHECKHDR() will be used to check presence of specified SADB extension
header. SADB_CHECKLEN() checks that specified header has correct length.
Modified:
projects/ipsec/sys/netipsec/key.c
Modified: projects/ipsec/sys/netipsec/key.c
==============================================================================
--- projects/ipsec/sys/netipsec/key.c Mon Nov 21 18:13:10 2016 (r308929)
+++ projects/ipsec/sys/netipsec/key.c Mon Nov 21 18:20:28 2016 (r308930)
@@ -296,6 +296,11 @@ static const int maxsize[] = {
sizeof(struct sadb_x_nat_t_frag),/* SADB_X_EXT_NAT_T_FRAG */
};
+#define SADB_CHECKLEN(_mhp, _ext) \
+ ((_mhp)->extlen[(_ext)] < minsize[(_ext)] || (maxsize[(_ext)] != 0 && \
+ ((_mhp)->extlen[(_ext)] > maxsize[(_ext)])))
+#define SADB_CHECKHDR(_mhp, _ext) ((_mhp)->ext[(_ext)] == NULL)
+
static VNET_DEFINE(int, ipsec_esp_keymin) = 256;
static VNET_DEFINE(int, ipsec_esp_auth) = 0;
static VNET_DEFINE(int, ipsec_ah_keymin) = 128;
More information about the svn-src-projects
mailing list