diff options
| author | Antony Antony <antony@phenome.org> | 2017-06-06 06:12:13 -0400 |
|---|---|---|
| committer | Steffen Klassert <steffen.klassert@secunet.com> | 2017-06-07 02:25:58 -0400 |
| commit | 4ab47d47af20addd6ecee1ece0205b1fbf483942 (patch) | |
| tree | 7159ac7737efd4cc51aa11ed14c99fffa7e188bb /net/key | |
| parent | d49c9dc1c84878b0c044af7519a80ccb814b3f9f (diff) | |
xfrm: extend MIGRATE with UDP encapsulation port
Add UDP encapsulation port to XFRM_MSG_MIGRATE using an optional
netlink attribute XFRMA_ENCAP.
The devices that support IKE MOBIKE extension (RFC-4555 Section 3.8)
could go to sleep for a few minutes and wake up. When it wake up the
NAT mapping could have expired, the device send a MOBIKE UPDATE_SA
message to migrate the IPsec SA. The change could be a change UDP
encapsulation port, IP address, or both.
Reported-by: Paul Wouters <pwouters@redhat.com>
Signed-off-by: Antony Antony <antony@phenome.org>
Reviewed-by: Richard Guy Briggs <rgb@tricolour.ca>
Signed-off-by: Steffen Klassert <steffen.klassert@secunet.com>
Diffstat (limited to 'net/key')
| -rw-r--r-- | net/key/af_key.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/net/key/af_key.c b/net/key/af_key.c index c1950bb14735..3b130cbdc463 100644 --- a/net/key/af_key.c +++ b/net/key/af_key.c | |||
| @@ -2602,7 +2602,7 @@ static int pfkey_migrate(struct sock *sk, struct sk_buff *skb, | |||
| 2602 | } | 2602 | } |
| 2603 | 2603 | ||
| 2604 | return xfrm_migrate(&sel, dir, XFRM_POLICY_TYPE_MAIN, m, i, | 2604 | return xfrm_migrate(&sel, dir, XFRM_POLICY_TYPE_MAIN, m, i, |
| 2605 | kma ? &k : NULL, net); | 2605 | kma ? &k : NULL, net, NULL); |
| 2606 | 2606 | ||
| 2607 | out: | 2607 | out: |
| 2608 | return err; | 2608 | return err; |