(usagi-users 03974) Re: Patch for NEMO IPsec

[Romain KUNTZ <kuntz@xxxxxxxxxxxxxxxxxxxxx>]

Hi Sebastien,

On 2007/10/16, at 10:08, Sebastien Decugis wrote:
> This is a patch to apply on top of NEMO BS patch [1]. Currently, when
> TunnelPayload protection is set in the Mobile Router mip6d.conf file,
> the traffic to the MR is protected, but traffic that is directed to a
> MNN is sent in clear between MR and HA.
>
> The attached patch fixes this by adding IPsec policies to protect also
> the traffic to and from the MNP.

Thank you for your patch. I have integrated it in the NEPL patch for  
UMIP 0.4 (with small modifications, see below) that is now available  
on http://www.nautilus6.org/doc/nepl-howto/

Regards,
Romain


> diff -Nur trunk.common-mod/src/xfrm.c trunk.mr/src/xfrm.c
> --- trunk.common-mod/src/xfrm.c	2007-10-15 17:54:32.000000000 +0900
> +++ trunk.mr/src/xfrm.c	2007-10-16 11:59:58.000000000 +0900
[snip]
> +	/* Loop for each HomeAddress info */
> +	list_for_each(home, &conf_parsed->home_addrs)
[snip]
> +	/* Loop for each HomeAddress info */
> +	list_for_each(home, &conf_parsed->home_addrs)

I Changed "conf_parsed->" to "conf" (I suspect you built your patch  
on you previous patch about configuration reload capability).

> diff -Nur trunk.common-mod/src/ha.c trunk.ha/src/ha.c
> --- trunk.common-mod/src/ha.c	2007-10-15 17:54:32.000000000 +0900
> +++ trunk.ha/src/ha.c	2007-10-15 17:45:35.000000000 +0900
[snip]
> +	mnp = &(p->bce->mob_net_prefixes);

I removed the parenthesis as suggested by Yoshifuji-san.

Thanks again,
romain