Attachment #178602 for bug #213869

View | Details | Raw Unified | Return to bug 213869
Collapse All | Expand All




#endif /* INET6 */

static int ipsec_in_reject(struct secpolicy *, const struct mbuf *);
static int ipsec_setspidx_inpcb(const struct mbuf *, struct inpcb *, u_int);
static int ipsec_setspidx(const struct mbuf *, struct secpolicyindex *, int);
static void ipsec4_get_ulp(const struct mbuf *m, struct secpolicyindex *, int);
static int ipsec4_setspidx_ipaddr(const struct mbuf *, struct secpolicyindex *);

	}

	/* Set spidx in pcb. */
	*error = ipsec_setspidx_inpcb(m, inp, dir);
	if (*error)
		return (NULL);


}

static int
ipsec_setspidx_inpcb(const struct mbuf *m, struct inpcb *inp, u_int dir)
{
	struct secpolicyindex *spidx;
	int error;

	IPSEC_ASSERT(inp != NULL, ("null inp"));

	IPSEC_ASSERT(inp->inp_sp->sp_out != NULL && inp->inp_sp->sp_in != NULL,
		("null sp_in || sp_out"));

	if (dir == IPSEC_DIR_INBOUND)
		spidx = &inp->inp_sp->sp_in->spidx;
	else
		spidx = &inp->inp_sp->sp_out->spidx;
	error = ipsec_setspidx(m, spidx, 1);
	if (error == 0) {
		spidx->dir = dir;
		inp->inp_sp->sp_out->spidx = inp->inp_sp->sp_in->spidx;
		inp->inp_sp->sp_out->spidx.dir = IPSEC_DIR_OUTBOUND;
	} else {
		bzero(&inp->inp_sp->sp_in->spidx,
			sizeof (inp->inp_sp->sp_in->spidx));

Return to bug 213869

Lines 241-247 SYSCTL_VNET_PCPUSTAT(_net_inet6_ipsec6, IPSECCTL_S Link Here

(-)sys/netipsec/ipsec.c (-7 / +10 lines)
241	#endif /* INET6 */	241	#endif /* INET6 */
242		242
243	static int ipsec_in_reject(struct secpolicy , const struct mbuf );	243	static int ipsec_in_reject(struct secpolicy , const struct mbuf );
244	static int ipsec_setspidx_inpcb(const struct mbuf , struct inpcb );	244	static int ipsec_setspidx_inpcb(const struct mbuf , struct inpcb , u_int);
245	static int ipsec_setspidx(const struct mbuf , struct secpolicyindex , int);	245	static int ipsec_setspidx(const struct mbuf , struct secpolicyindex , int);
246	static void ipsec4_get_ulp(const struct mbuf m, struct secpolicyindex , int);	246	static void ipsec4_get_ulp(const struct mbuf m, struct secpolicyindex , int);
247	static int ipsec4_setspidx_ipaddr(const struct mbuf , struct secpolicyindex );	247	static int ipsec4_setspidx_ipaddr(const struct mbuf , struct secpolicyindex );
Lines 343-349 ipsec_getpolicybysock(const struct mbuf *m, u_int Link Here
343	}	343	}
344		344
345	/* Set spidx in pcb. */	345	/* Set spidx in pcb. */
346	*error = ipsec_setspidx_inpcb(m, inp);	346	*error = ipsec_setspidx_inpcb(m, inp, dir);
347	if (*error)	347	if (*error)
348	return (NULL);	348	return (NULL);
349		349
Lines 500-507 ipsec4_checkpolicy(const struct mbuf *m, u_int dir Link Here
500	}	500	}
501		501
502	static int	502	static int
503	ipsec_setspidx_inpcb(const struct mbuf m, struct inpcb inp)	503	ipsec_setspidx_inpcb(const struct mbuf m, struct inpcb inp, u_int dir)
504	{	504	{
		505	struct secpolicyindex *spidx;
505	int error;	506	int error;
506		507
507	IPSEC_ASSERT(inp != NULL, ("null inp"));	508	IPSEC_ASSERT(inp != NULL, ("null inp"));
Lines 509-519 static int Link Here
509	IPSEC_ASSERT(inp->inp_sp->sp_out != NULL && inp->inp_sp->sp_in != NULL,	510	IPSEC_ASSERT(inp->inp_sp->sp_out != NULL && inp->inp_sp->sp_in != NULL,
510	("null sp_in \|\| sp_out"));	511	("null sp_in \|\| sp_out"));
511		512
512	error = ipsec_setspidx(m, &inp->inp_sp->sp_in->spidx, 1);	513	if (dir == IPSEC_DIR_INBOUND)
		514	spidx = &inp->inp_sp->sp_in->spidx;
		515	else
		516	spidx = &inp->inp_sp->sp_out->spidx;
		517	error = ipsec_setspidx(m, spidx, 1);
513	if (error == 0) {	518	if (error == 0) {
514	inp->inp_sp->sp_in->spidx.dir = IPSEC_DIR_INBOUND;	519	spidx->dir = dir;
515	inp->inp_sp->sp_out->spidx = inp->inp_sp->sp_in->spidx;
516	inp->inp_sp->sp_out->spidx.dir = IPSEC_DIR_OUTBOUND;
517	} else {	520	} else {
518	bzero(&inp->inp_sp->sp_in->spidx,	521	bzero(&inp->inp_sp->sp_in->spidx,
519	sizeof (inp->inp_sp->sp_in->spidx));	522	sizeof (inp->inp_sp->sp_in->spidx));