[][openwrt][mt7988][crypto][Add CAPWAP-DTLS IPv6 Support]
[Description]
Add CAPWAP-DTLS IPv6 Support.
[Release-log]
N/A
Change-Id: I5da62fe9a2ad0d15d54c992071480788133828d2
Reviewed-on: https://gerrit.mediatek.inc/c/openwrt/feeds/mtk_openwrt_feeds/+/9469564
diff --git a/feed/kernel/crypto-eip/src/ddk-wrapper.c b/feed/kernel/crypto-eip/src/ddk-wrapper.c
index 43bb138..edecc90 100644
--- a/feed/kernel/crypto-eip/src/ddk-wrapper.c
+++ b/feed/kernel/crypto-eip/src/ddk-wrapper.c
@@ -2718,7 +2718,13 @@
SSLTLSParams.epoch = DTLSParam_p->dtls_epoch;
SSLTLSParams.SSLTLSFlags |= SAB_DTLS_PROCESS_IP_HEADERS |
- SAB_DTLS_EXT_PROCESSING | SAB_DTLS_IPV4;
+ SAB_DTLS_EXT_PROCESSING;
+
+ if (DTLSParam_p->net_type == MTK_DTLS_NET_IPV6)
+ SSLTLSParams.SSLTLSFlags |= SAB_DTLS_IPV6;
+ else
+ SSLTLSParams.SSLTLSFlags |= SAB_DTLS_IPV4;
+
if (fCAPWAP)
SSLTLSParams.SSLTLSFlags |= SAB_DTLS_CAPWAP;
@@ -2906,11 +2912,16 @@
}
SSLTLSParams.SSLTLSFlags |= SAB_DTLS_PROCESS_IP_HEADERS |
- SAB_DTLS_EXT_PROCESSING | SAB_DTLS_IPV4;
+ SAB_DTLS_EXT_PROCESSING;
// Create a reference to the header processor context.
SSLTLSParams.epoch = DTLSParam_p->dtls_epoch;
+ if (DTLSParam_p->net_type == MTK_DTLS_NET_IPV6)
+ SSLTLSParams.SSLTLSFlags |= SAB_DTLS_IPV6;
+ else
+ SSLTLSParams.SSLTLSFlags |= SAB_DTLS_IPV4;
+
if (fCAPWAP)
SSLTLSParams.SSLTLSFlags |= SAB_DTLS_CAPWAP;
@@ -2985,9 +2996,16 @@
ZEROINIT(SelectorParams);
ZEROINIT(DTLTransformParams);
- SelectorParams.flags = PCL_SELECT_IPV4;
- SelectorParams.SrcIp = ((unsigned char *)(&(DTLSParam_p->sip)));
- SelectorParams.DstIp = ((unsigned char *)(&(DTLSParam_p->dip)));
+ if (DTLSParam_p->net_type == MTK_DTLS_NET_IPV6) {
+ SelectorParams.flags = PCL_SELECT_IPV6;
+ SelectorParams.SrcIp = ((unsigned char *)(&(DTLSParam_p->sip.ip6.addr)));
+ SelectorParams.DstIp = ((unsigned char *)(&(DTLSParam_p->dip.ip6.addr)));
+ } else {
+ SelectorParams.flags = PCL_SELECT_IPV4;
+ SelectorParams.SrcIp = ((unsigned char *)(&(DTLSParam_p->sip.ip4.addr32)));
+ SelectorParams.DstIp = ((unsigned char *)(&(DTLSParam_p->dip.ip4.addr32)));
+ }
+
SelectorParams.IpProto = 17; //UDP
SelectorParams.SrcPort = DTLSParam_p->sport;
SelectorParams.DstPort = DTLSParam_p->dport;
@@ -3018,9 +3036,15 @@
ZEROINIT(SelectorParams);
ZEROINIT(DTLTransformParams);
- SelectorParams.flags = PCL_SELECT_IPV4;
- SelectorParams.DstIp = ((unsigned char *)(&(DTLSParam_p->sip)));
- SelectorParams.SrcIp = ((unsigned char *)(&(DTLSParam_p->dip)));
+ if (DTLSParam_p->net_type == MTK_DTLS_NET_IPV6) {
+ SelectorParams.flags = PCL_SELECT_IPV6;
+ SelectorParams.SrcIp = ((unsigned char *)(&(DTLSParam_p->dip.ip6.addr)));
+ SelectorParams.DstIp = ((unsigned char *)(&(DTLSParam_p->sip.ip6.addr)));
+ } else {
+ SelectorParams.flags = PCL_SELECT_IPV4;
+ SelectorParams.SrcIp = ((unsigned char *)(&(DTLSParam_p->dip.ip4.addr32)));
+ SelectorParams.DstIp = ((unsigned char *)(&(DTLSParam_p->sip.ip4.addr32)));
+ }
SelectorParams.SrcPort = DTLSParam_p->dport;
SelectorParams.DstPort = DTLSParam_p->sport;
SelectorParams.IpProto = 17; //UDP
diff --git a/feed/kernel/crypto-eip/src/inc/crypto-eip/crypto-eip.h b/feed/kernel/crypto-eip/src/inc/crypto-eip/crypto-eip.h
index 020822e..1b0a994 100644
--- a/feed/kernel/crypto-eip/src/inc/crypto-eip/crypto-eip.h
+++ b/feed/kernel/crypto-eip/src/inc/crypto-eip/crypto-eip.h
@@ -71,9 +71,31 @@
__DTLS_VERSION_MAX = 2,
};
+enum dtls_network_type {
+ MTK_DTLS_NET_NONE = 0,
+ MTK_DTLS_NET_IPV4,
+ MTK_DTLS_NET_IPV6,
+ __MTK_DTLS_NET_MAX,
+};
+
+union ip4_addr {
+ __be32 addr32;
+ u8 addr8[4];
+};
+
+struct ip6_addr {
+ u32 addr[4];
+};
+
+union ip_addr {
+ union ip4_addr ip4;
+ struct ip6_addr ip6;
+};
+
struct DTLS_param {
- __be32 dip;
- __be32 sip;
+ enum dtls_network_type net_type;
+ union ip_addr dip;
+ union ip_addr sip;
uint16_t dport;
uint16_t sport;
uint16_t dtls_epoch;