Commit a4b9d85d authored by Daniel Lenski's avatar Daniel Lenski

Clarify a few uncommented corners of the ESP support

Signed-off-by: default avatarDaniel Lenski <dlenski@gmail.com>
parent 0281a8e1
......@@ -146,6 +146,7 @@ int esp_mainloop(struct openconnect_info *vpninfo, int *timeout)
len);
work_done = 1;
/* both supported algos (SHA1 and MD5) have 12-byte MAC lengths (RFC2403 and RFC2404) */
if (len <= sizeof(pkt->esp) + 12)
continue;
......@@ -169,6 +170,11 @@ int esp_mainloop(struct openconnect_info *vpninfo, int *timeout)
continue;
}
/* Possible values of the Next Header field are:
0x04: IP[v4]-in-IP
0x05: supposed to mean Internet Stream Protocol
(XXX: but used for LZO compressed packets by Juniper)
0x29: IPv6 encapsulation */
if (pkt->data[len - 1] != 0x04 && pkt->data[len - 1] != 0x29 &&
pkt->data[len - 1] != 0x05) {
vpn_progress(vpninfo, PRG_ERR,
......
......@@ -904,7 +904,8 @@ int openconnect_setup_tun_device(struct openconnect_info *vpninfo,
static const char *compr_name_map[] = {
[COMPR_DEFLATE] = "Deflate",
[COMPR_LZS] = "LZS",
[COMPR_LZ4] = "LZ4"
[COMPR_LZ4] = "LZ4",
[COMPR_LZO] = "LZO",
};
const char *openconnect_get_cstp_compression(struct openconnect_info * vpninfo)
......
......@@ -323,6 +323,7 @@ static int process_attr(struct openconnect_info *vpninfo, int group, int attr,
if (attrlen != 1)
goto badlen;
vpninfo->esp_compr = data[0];
vpninfo->dtls_compr = data[0] ? COMPR_LZO : 0;
vpn_progress(vpninfo, PRG_DEBUG, _("ESP compression: %d\n"), data[0]);
break;
......
......@@ -174,10 +174,11 @@ struct pkt {
#define COMPR_DEFLATE (1<<0)
#define COMPR_LZS (1<<1)
#define COMPR_LZ4 (1<<2)
#define COMPR_MAX COMPR_LZ4
#define COMPR_LZO (1<<3)
#define COMPR_MAX COMPR_LZO
#ifdef HAVE_LZ4
#define COMPR_STATELESS (COMPR_LZS | COMPR_LZ4)
#define COMPR_STATELESS (COMPR_LZS | COMPR_LZ4 | COMPR_LZO)
#else
#define COMPR_STATELESS (COMPR_LZS)
#endif
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment