diff options
author | Antony Antony <antony@phenome.org> | 2017-06-06 12:12:13 +0200 |
---|---|---|
committer | Steffen Klassert <steffen.klassert@secunet.com> | 2017-06-07 08:25:58 +0200 |
commit | 4ab47d47af20addd6ecee1ece0205b1fbf483942 (patch) | |
tree | 7159ac7737efd4cc51aa11ed14c99fffa7e188bb /net/key | |
parent | d49c9dc1c84878b0c044af7519a80ccb814b3f9f (diff) |
xfrm: extend MIGRATE with UDP encapsulation port
Add UDP encapsulation port to XFRM_MSG_MIGRATE using an optional
netlink attribute XFRMA_ENCAP.
The devices that support IKE MOBIKE extension (RFC-4555 Section 3.8)
could go to sleep for a few minutes and wake up. When it wake up the
NAT mapping could have expired, the device send a MOBIKE UPDATE_SA
message to migrate the IPsec SA. The change could be a change UDP
encapsulation port, IP address, or both.
Reported-by: Paul Wouters <pwouters@redhat.com>
Signed-off-by: Antony Antony <antony@phenome.org>
Reviewed-by: Richard Guy Briggs <rgb@tricolour.ca>
Signed-off-by: Steffen Klassert <steffen.klassert@secunet.com>
Diffstat (limited to 'net/key')
-rw-r--r-- | net/key/af_key.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/net/key/af_key.c b/net/key/af_key.c index c1950bb14735..3b130cbdc463 100644 --- a/net/key/af_key.c +++ b/net/key/af_key.c @@ -2602,7 +2602,7 @@ static int pfkey_migrate(struct sock *sk, struct sk_buff *skb, } return xfrm_migrate(&sel, dir, XFRM_POLICY_TYPE_MAIN, m, i, - kma ? &k : NULL, net); + kma ? &k : NULL, net, NULL); out: return err; |