[Openswan Users] Kernel-2.6.27 and nat-t patch

Sasa sasa at shoponweb.it
Tue Jun 23 10:35:38 EDT 2009


Hi, on the kernel 2.6.27.24 and with Openswan 2.4.13 I have the following 
error message:

#patch -p1<../openswan-2.4.13.kernel-2.6-natt.patch
...
Hunk #1 succeeded at 110 with fuzz 1.
Hunk #2 FAILED at 897.
Hunk #3 FAILED at 940.
Hunk #4 FAILED at 1060.
Hunk #5 FAILED at 1157.
Hunk #6 FAILED at 1613.
5 out of 6 hunks FAILED -- saving rejects to file net/ipv4/udp.c.rej

I have read in previous thread (with subject "kernel patch NAT TRAVERSAL") 
about this error but in my udp.c.rej file I haven't code with 1472, in my 
file I have:

***************
*** 894,899 ****
        sk_common_release(sk);
  }

  /* return:
   *    1  if the the UDP system should process it
   *    0  if we should drop this packet
--- 897,940 ----
        sk_common_release(sk);
  }

+ #if defined(CONFIG_XFRM) || defined(CONFIG_IPSEC_NAT_TRAVERSAL)
+
+ /* if XFRM isn't a module, then register it directly. */
+ #if !defined(CONFIG_XFRM_MODULE)
+ static xfrm4_rcv_encap_t xfrm4_rcv_encap_func = xfrm4_rcv_encap;
+ #else
+ static xfrm4_rcv_encap_t xfrm4_rcv_encap_func = NULL;
+ #endif
+
+ static xfrm4_rcv_encap_t xfrm4_rcv_encap_func;
+
+ int udp4_register_esp_rcvencap(xfrm4_rcv_encap_t func
+                              , xfrm4_rcv_encap_t *oldfunc)
+ {
+   if(oldfunc != NULL) {
+     *oldfunc = xfrm4_rcv_encap_func;
+   }
+
+ #if 0
+   if(xfrm4_rcv_encap_func != NULL)
+     return -1;
+ #endif
+
+   xfrm4_rcv_encap_func = func;
+   return 0;
+ }
+
+ int udp4_unregister_esp_rcvencap(xfrm4_rcv_encap_t func)
+ {
+   if(xfrm4_rcv_encap_func != func)
+     return -1;
+
+   xfrm4_rcv_encap_func = NULL;
+   return 0;
+ }
+ #endif /* CONFIG_XFRM || defined(CONFIG_IPSEC_NAT_TRAVERSAL)*/
+
+
  /* return:
   *    1  if the the UDP system should process it
   *    0  if we should drop this packet
***************
*** 901,909 ****
   */
  static int udp_encap_rcv(struct sock * sk, struct sk_buff *skb)
  {
- #ifndef CONFIG_XFRM
        return 1;
- #else
        struct udp_sock *up = udp_sk(sk);
        struct udphdr *uh = skb->h.uh;
        struct iphdr *iph;
--- 940,948 ----
   */
  static int udp_encap_rcv(struct sock * sk, struct sk_buff *skb)
  {
+ #if !defined(CONFIG_XFRM) && !defined(CONFIG_IPSEC_NAT_TRAVERSAL)
        return 1;
+ #else /* either CONFIG_XFRM or CONFIG_IPSEC_NAT_TRAVERSAL */
        struct udp_sock *up = udp_sk(sk);
        struct udphdr *uh = skb->h.uh;
        struct iphdr *iph;
***************
*** 1021,1030 ****
                        return 0;
                }
                if (ret < 0) {
-                       /* process the ESP packet */
-                       ret = xfrm4_rcv_encap(skb, up->encap_type);
-                       UDP_INC_STATS_BH(UDP_MIB_INDATAGRAMS);
-                       return -ret;
                }
                /* FALLTHROUGH -- it's a UDP Packet */
        }
--- 1060,1073 ----
                        return 0;
                }
                if (ret < 0) {
+                       if(xfrm4_rcv_encap_func != NULL) {
+                         ret = (*xfrm4_rcv_encap_func)(skb, 
up->encap_type);
+                         UDP_INC_STATS_BH(UDP_MIB_INDATAGRAMS);
+                       } else {
+                         UDP_INC_STATS_BH(UDP_MIB_INERRORS);
+                         ret = 1;
+                       }
+                       return ret;
                }
                /* FALLTHROUGH -- it's a UDP Packet */
        }
***************
*** 1114,1120 ****
  /*
   *    All we need to do is get the socket, and then do a checksum.
   */
-
  int udp_rcv(struct sk_buff *skb)
  {
        struct sock *sk;
--- 1157,1162 ----
  /*
   *    All we need to do is get the socket, and then do a checksum.
   */
  int udp_rcv(struct sk_buff *skb)
  {
        struct sock *sk;
***************
*** 1571,1573 ****
  EXPORT_SYMBOL(udp_proc_register);
  EXPORT_SYMBOL(udp_proc_unregister);
  #endif
--- 1613,1621 ----
  EXPORT_SYMBOL(udp_proc_register);
  EXPORT_SYMBOL(udp_proc_unregister);
  #endif
+
+ #if defined(CONFIG_IPSEC_NAT_TRAVERSAL)
+ EXPORT_SYMBOL(udp4_register_esp_rcvencap);
+ EXPORT_SYMBOL(udp4_unregister_esp_rcvencap);
+ #endif
+

I did not understand what I must change within the file udp.c.rej.
Thanks.

------

   Salvatore.




More information about the Users mailing list