]> err.no Git - linux-2.6/commitdiff
[XFRM] STATE: Add a hook to obtain local/remote outbound address.
authorMasahide NAKAMURA <nakam@linux-ipv6.org>
Thu, 24 Aug 2006 01:10:33 +0000 (18:10 -0700)
committerDavid S. Miller <davem@sunset.davemloft.net>
Fri, 22 Sep 2006 22:06:41 +0000 (15:06 -0700)
Outbound transformation replaces both source and destination address with
state's end-point addresses at the same time when IPsec tunnel mode.
It is also required to change them for Mobile IPv6 route optimization, but we
should care about the following differences:
 - changing result is not end-point but care-of address
 - either source or destination is replaced for each state
This hook is a common platform to change outbound address.
Based on MIPL2 kernel patch.

Signed-off-by: Masahide NAKAMURA <nakam@linux-ipv6.org>
Signed-off-by: YOSHIFUJI Hideaki <yoshfuji@linux-ipv6.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
include/net/xfrm.h
net/ipv6/xfrm6_policy.c

index 0d735a5aba61477bb5f23ada3b883668984b7aaa..aa3ac994477b9db782286a6bd401dc4449855c92 100644 (file)
@@ -266,6 +266,8 @@ struct xfrm_type
        int                     (*input)(struct xfrm_state *, struct sk_buff *skb);
        int                     (*output)(struct xfrm_state *, struct sk_buff *pskb);
        int                     (*hdr_offset)(struct xfrm_state *, struct sk_buff *, u8 **);
+       xfrm_address_t          *(*local_addr)(struct xfrm_state *, xfrm_address_t *);
+       xfrm_address_t          *(*remote_addr)(struct xfrm_state *, xfrm_address_t *);
        /* Estimate maximal size of result of transformation of a dgram */
        u32                     (*get_max_size)(struct xfrm_state *, int size);
 };
index 81355bb5032826a8205567a5a43bc65497223ef1..9328fc88708ab24eeb6a50197bed737cba1e706f 100644 (file)
@@ -59,6 +59,22 @@ __xfrm6_find_bundle(struct flowi *fl, struct xfrm_policy *policy)
        return dst;
 }
 
+static inline struct in6_addr*
+__xfrm6_bundle_addr_remote(struct xfrm_state *x, struct in6_addr *addr)
+{
+       return (x->type->remote_addr) ?
+               (struct in6_addr*)x->type->remote_addr(x, (xfrm_address_t *)addr) :
+               (struct in6_addr*)&x->id.daddr;
+}
+
+static inline struct in6_addr*
+__xfrm6_bundle_addr_local(struct xfrm_state *x, struct in6_addr *addr)
+{
+       return (x->type->local_addr) ?
+               (struct in6_addr*)x->type->local_addr(x, (xfrm_address_t *)addr) :
+               (struct in6_addr*)&x->props.saddr;
+}
+
 /* Allocate chain of dst_entry's, attach known xfrm's, calculate
  * all the metrics... Shortly, bundle a bundle.
  */
@@ -115,8 +131,8 @@ __xfrm6_bundle_create(struct xfrm_policy *policy, struct xfrm_state **xfrm, int
                dst1->next = dst_prev;
                dst_prev = dst1;
                if (xfrm[i]->props.mode != XFRM_MODE_TRANSPORT) {
-                       remote = (struct in6_addr*)&xfrm[i]->id.daddr;
-                       local  = (struct in6_addr*)&xfrm[i]->props.saddr;
+                       remote = __xfrm6_bundle_addr_remote(xfrm[i], remote);
+                       local  = __xfrm6_bundle_addr_local(xfrm[i], local);
                        tunnel = 1;
                }
                header_len += xfrm[i]->props.header_len;