diff options
Diffstat (limited to 'net/ipv4/ip_options.c')
| -rw-r--r-- | net/ipv4/ip_options.c | 20 |
1 files changed, 19 insertions, 1 deletions
diff --git a/net/ipv4/ip_options.c b/net/ipv4/ip_options.c index 406056edc02b..e7437c091326 100644 --- a/net/ipv4/ip_options.c +++ b/net/ipv4/ip_options.c | |||
| @@ -24,6 +24,7 @@ | |||
| 24 | #include <net/ip.h> | 24 | #include <net/ip.h> |
| 25 | #include <net/icmp.h> | 25 | #include <net/icmp.h> |
| 26 | #include <net/route.h> | 26 | #include <net/route.h> |
| 27 | #include <net/cipso_ipv4.h> | ||
| 27 | 28 | ||
| 28 | /* | 29 | /* |
| 29 | * Write options to IP header, record destination address to | 30 | * Write options to IP header, record destination address to |
| @@ -194,6 +195,13 @@ int ip_options_echo(struct ip_options * dopt, struct sk_buff * skb) | |||
| 194 | dopt->is_strictroute = sopt->is_strictroute; | 195 | dopt->is_strictroute = sopt->is_strictroute; |
| 195 | } | 196 | } |
| 196 | } | 197 | } |
| 198 | if (sopt->cipso) { | ||
| 199 | optlen = sptr[sopt->cipso+1]; | ||
| 200 | dopt->cipso = dopt->optlen+sizeof(struct iphdr); | ||
| 201 | memcpy(dptr, sptr+sopt->cipso, optlen); | ||
| 202 | dptr += optlen; | ||
| 203 | dopt->optlen += optlen; | ||
| 204 | } | ||
| 197 | while (dopt->optlen & 3) { | 205 | while (dopt->optlen & 3) { |
| 198 | *dptr++ = IPOPT_END; | 206 | *dptr++ = IPOPT_END; |
| 199 | dopt->optlen++; | 207 | dopt->optlen++; |
| @@ -434,6 +442,17 @@ int ip_options_compile(struct ip_options * opt, struct sk_buff * skb) | |||
| 434 | if (optptr[2] == 0 && optptr[3] == 0) | 442 | if (optptr[2] == 0 && optptr[3] == 0) |
| 435 | opt->router_alert = optptr - iph; | 443 | opt->router_alert = optptr - iph; |
| 436 | break; | 444 | break; |
| 445 | case IPOPT_CIPSO: | ||
| 446 | if (opt->cipso) { | ||
| 447 | pp_ptr = optptr; | ||
| 448 | goto error; | ||
| 449 | } | ||
| 450 | opt->cipso = optptr - iph; | ||
| 451 | if (cipso_v4_validate(&optptr)) { | ||
| 452 | pp_ptr = optptr; | ||
| 453 | goto error; | ||
| 454 | } | ||
| 455 | break; | ||
| 437 | case IPOPT_SEC: | 456 | case IPOPT_SEC: |
| 438 | case IPOPT_SID: | 457 | case IPOPT_SID: |
| 439 | default: | 458 | default: |
| @@ -506,7 +525,6 @@ static int ip_options_get_finish(struct ip_options **optp, | |||
| 506 | opt->__data[optlen++] = IPOPT_END; | 525 | opt->__data[optlen++] = IPOPT_END; |
| 507 | opt->optlen = optlen; | 526 | opt->optlen = optlen; |
| 508 | opt->is_data = 1; | 527 | opt->is_data = 1; |
| 509 | opt->is_setbyuser = 1; | ||
| 510 | if (optlen && ip_options_compile(opt, NULL)) { | 528 | if (optlen && ip_options_compile(opt, NULL)) { |
| 511 | kfree(opt); | 529 | kfree(opt); |
| 512 | return -EINVAL; | 530 | return -EINVAL; |