Commit 967463ef authored by Tom Lendacky's avatar Tom Lendacky Committed by David S. Miller

[IPSEC]: Make sure to clear sin_zero in AF_KEY.

parent de8c10fc
...@@ -563,6 +563,7 @@ static struct sk_buff * pfkey_xfrm_state2msg(struct xfrm_state *x, int add_keys, ...@@ -563,6 +563,7 @@ static struct sk_buff * pfkey_xfrm_state2msg(struct xfrm_state *x, int add_keys,
struct sadb_address *addr; struct sadb_address *addr;
struct sadb_key *key; struct sadb_key *key;
struct sadb_x_sa2 *sa2; struct sadb_x_sa2 *sa2;
struct sockaddr_in *sin;
int size; int size;
int auth_key_size = 0; int auth_key_size = 0;
int encrypt_key_size = 0; int encrypt_key_size = 0;
...@@ -675,9 +676,11 @@ static struct sk_buff * pfkey_xfrm_state2msg(struct xfrm_state *x, int add_keys, ...@@ -675,9 +676,11 @@ static struct sk_buff * pfkey_xfrm_state2msg(struct xfrm_state *x, int add_keys,
addr->sadb_address_proto = 0; addr->sadb_address_proto = 0;
addr->sadb_address_prefixlen = 32; /* XXX */ addr->sadb_address_prefixlen = 32; /* XXX */
addr->sadb_address_reserved = 0; addr->sadb_address_reserved = 0;
((struct sockaddr_in*)(addr + 1))->sin_family = AF_INET; sin = (struct sockaddr_in *) (addr + 1);
((struct sockaddr_in*)(addr + 1))->sin_addr.s_addr = sin->sin_family = AF_INET;
x->props.saddr.xfrm4_addr; sin->sin_addr.s_addr = x->props.saddr.xfrm4_addr;
sin->sin_port = 0;
memset(sin->sin_zero, 0, sizeof(sin->sin_zero));
/* dst address */ /* dst address */
addr = (struct sadb_address*) skb_put(skb, addr = (struct sadb_address*) skb_put(skb,
sizeof(struct sadb_address)+sizeof(struct sockaddr_in)); sizeof(struct sadb_address)+sizeof(struct sockaddr_in));
...@@ -688,9 +691,11 @@ static struct sk_buff * pfkey_xfrm_state2msg(struct xfrm_state *x, int add_keys, ...@@ -688,9 +691,11 @@ static struct sk_buff * pfkey_xfrm_state2msg(struct xfrm_state *x, int add_keys,
addr->sadb_address_proto = 0; addr->sadb_address_proto = 0;
addr->sadb_address_prefixlen = 32; /* XXX */ addr->sadb_address_prefixlen = 32; /* XXX */
addr->sadb_address_reserved = 0; addr->sadb_address_reserved = 0;
((struct sockaddr_in*)(addr + 1))->sin_family = AF_INET; sin = (struct sockaddr_in *) (addr + 1);
((struct sockaddr_in*)(addr + 1))->sin_addr.s_addr = sin->sin_family = AF_INET;
x->id.daddr.xfrm4_addr; sin->sin_addr.s_addr = x->id.daddr.xfrm4_addr;
sin->sin_port = 0;
memset(sin->sin_zero, 0, sizeof(sin->sin_zero));
if (x->sel.saddr.xfrm4_addr != x->props.saddr.xfrm4_addr) { if (x->sel.saddr.xfrm4_addr != x->props.saddr.xfrm4_addr) {
addr = (struct sadb_address*) skb_put(skb, addr = (struct sadb_address*) skb_put(skb,
...@@ -702,11 +707,11 @@ static struct sk_buff * pfkey_xfrm_state2msg(struct xfrm_state *x, int add_keys, ...@@ -702,11 +707,11 @@ static struct sk_buff * pfkey_xfrm_state2msg(struct xfrm_state *x, int add_keys,
addr->sadb_address_proto = pfkey_proto_from_xfrm(x->sel.proto); addr->sadb_address_proto = pfkey_proto_from_xfrm(x->sel.proto);
addr->sadb_address_prefixlen = x->sel.prefixlen_s; addr->sadb_address_prefixlen = x->sel.prefixlen_s;
addr->sadb_address_reserved = 0; addr->sadb_address_reserved = 0;
((struct sockaddr_in*)(addr + 1))->sin_family = AF_INET; sin = (struct sockaddr_in*)(addr + 1);
((struct sockaddr_in*)(addr + 1))->sin_addr.s_addr = sin->sin_family = AF_INET;
x->sel.saddr.xfrm4_addr; sin->sin_addr.s_addr = x->sel.saddr.xfrm4_addr;
((struct sockaddr_in*)(addr + 1))->sin_port = sin->sin_port = x->sel.sport;
x->sel.sport; memset(sin->sin_zero, 0, sizeof(sin->sin_zero));
} }
/* auth key */ /* auth key */
...@@ -2060,10 +2065,11 @@ static int pfkey_send_acquire(struct xfrm_state *x, struct xfrm_tmpl *t, struct ...@@ -2060,10 +2065,11 @@ static int pfkey_send_acquire(struct xfrm_state *x, struct xfrm_tmpl *t, struct
addr->sadb_address_proto = 0; addr->sadb_address_proto = 0;
addr->sadb_address_prefixlen = 32; addr->sadb_address_prefixlen = 32;
addr->sadb_address_reserved = 0; addr->sadb_address_reserved = 0;
((struct sockaddr_in*)(addr + 1))->sin_family = AF_INET; sin = (struct sockaddr_in*)(addr + 1);
((struct sockaddr_in*)(addr + 1))->sin_addr.s_addr = sin->sin_family = AF_INET;
x->props.saddr.xfrm4_addr; sin->sin_addr.s_addr = x->props.saddr.xfrm4_addr;
((struct sockaddr_in*)(addr + 1))->sin_port = 0; sin->sin_port = 0;
memset(sin->sin_zero, 0, sizeof(sin->sin_zero));
/* dst address */ /* dst address */
addr = (struct sadb_address*) skb_put(skb, addr = (struct sadb_address*) skb_put(skb,
...@@ -2075,10 +2081,11 @@ static int pfkey_send_acquire(struct xfrm_state *x, struct xfrm_tmpl *t, struct ...@@ -2075,10 +2081,11 @@ static int pfkey_send_acquire(struct xfrm_state *x, struct xfrm_tmpl *t, struct
addr->sadb_address_proto = 0; addr->sadb_address_proto = 0;
addr->sadb_address_prefixlen = 32; addr->sadb_address_prefixlen = 32;
addr->sadb_address_reserved = 0; addr->sadb_address_reserved = 0;
((struct sockaddr_in*)(addr + 1))->sin_family = AF_INET; sin = (struct sockaddr_in*)(addr + 1);
((struct sockaddr_in*)(addr + 1))->sin_addr.s_addr = sin->sin_family = AF_INET;
x->id.daddr.xfrm4_addr; sin->sin_addr.s_addr = x->id.daddr.xfrm4_addr;
((struct sockaddr_in*)(addr + 1))->sin_port = 0; sin->sin_port = 0;
memset(sin->sin_zero, 0, sizeof(sin->sin_zero));
pol = (struct sadb_x_policy *) skb_put(skb, sizeof(struct sadb_x_policy)); pol = (struct sadb_x_policy *) skb_put(skb, sizeof(struct sadb_x_policy));
pol->sadb_x_policy_len = sizeof(struct sadb_x_policy)/sizeof(uint64_t); pol->sadb_x_policy_len = sizeof(struct sadb_x_policy)/sizeof(uint64_t);
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment