Source-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[src/trunk]: src/sys/netinet6 committed by mistake, sorry
details: https://anonhg.NetBSD.org/src/rev/6d0760e6cf05
branches: trunk
changeset: 551366:6d0760e6cf05
user: itojun <itojun%NetBSD.org@localhost>
date: Sat Sep 06 04:20:57 2003 +0000
description:
committed by mistake, sorry
diffstat:
sys/netinet6/in6_ifattach.c | 6 +---
sys/netinet6/ipsec.c | 60 +++++++++------------------------------------
sys/netinet6/ipsec.h | 7 ++---
3 files changed, 17 insertions(+), 56 deletions(-)
diffs (253 lines):
diff -r 824a9f682ea2 -r 6d0760e6cf05 sys/netinet6/in6_ifattach.c
--- a/sys/netinet6/in6_ifattach.c Sat Sep 06 04:13:50 2003 +0000
+++ b/sys/netinet6/in6_ifattach.c Sat Sep 06 04:20:57 2003 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: in6_ifattach.c,v 1.56 2003/09/06 04:13:50 itojun Exp $ */
+/* $NetBSD: in6_ifattach.c,v 1.57 2003/09/06 04:20:57 itojun Exp $ */
/* $KAME: in6_ifattach.c,v 1.124 2001/07/18 08:32:51 jinmei Exp $ */
/*
@@ -31,7 +31,7 @@
*/
#include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: in6_ifattach.c,v 1.56 2003/09/06 04:13:50 itojun Exp $");
+__KERNEL_RCSID(0, "$NetBSD: in6_ifattach.c,v 1.57 2003/09/06 04:20:57 itojun Exp $");
#include <sys/param.h>
#include <sys/systm.h>
@@ -580,8 +580,6 @@
/* some of the interfaces are inherently not IPv6 capable */
switch (ifp->if_type) {
case IFT_BRIDGE:
- case IFT_PFLOG:
- case IFT_PFSYNC:
return;
}
diff -r 824a9f682ea2 -r 6d0760e6cf05 sys/netinet6/ipsec.c
--- a/sys/netinet6/ipsec.c Sat Sep 06 04:13:50 2003 +0000
+++ b/sys/netinet6/ipsec.c Sat Sep 06 04:20:57 2003 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: ipsec.c,v 1.75 2003/09/06 04:13:51 itojun Exp $ */
+/* $NetBSD: ipsec.c,v 1.76 2003/09/06 04:20:57 itojun Exp $ */
/* $KAME: ipsec.c,v 1.136 2002/05/19 00:36:39 itojun Exp $ */
/*
@@ -35,7 +35,7 @@
*/
#include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: ipsec.c,v 1.75 2003/09/06 04:13:51 itojun Exp $");
+__KERNEL_RCSID(0, "$NetBSD: ipsec.c,v 1.76 2003/09/06 04:20:57 itojun Exp $");
#include "opt_inet.h"
#include "opt_ipsec.h"
@@ -120,7 +120,6 @@
#endif /* INET6 */
-static struct pf_tag *ipsec_get_tag __P((struct mbuf *));
static struct secpolicy *ipsec_checkpcbcache __P((struct mbuf *,
struct inpcbpolicy *, int));
static int ipsec_fillpcbcache __P((struct inpcbpolicy *, struct mbuf *,
@@ -323,18 +322,6 @@
return 0;
}
-static struct pf_tag *
-ipsec_get_tag(m)
- struct mbuf *m;
-{
- struct m_tag *mtag;
-
- if ((mtag = m_tag_find(m, PACKET_TAG_PF_TAG, NULL)) != NULL)
- return ((struct pf_tag *)(mtag + 1));
- else
- return (NULL);
-}
-
/*
* For OUTBOUND packet having a socket. Searching SPD for packet,
* and return a pointer to SP.
@@ -358,8 +345,6 @@
struct secpolicy *currsp = NULL; /* policy on socket */
struct secpolicy *kernsp = NULL; /* policy on kernel */
struct secpolicyindex spidx;
- struct pf_tag *t;
- u_int16_t tag;
/* sanity check */
if (m == NULL || so == NULL || error == NULL)
@@ -383,9 +368,6 @@
panic("ipsec4_getpolicybysock: pcbsp is NULL.");
#endif
- t = ipsec_get_tag(m);
- tag = t ? t->tag : 0;
-
/* if we have a cached entry, and if it is still valid, use it. */
ipsecstat.spdcachelookup++;
currsp = ipsec_checkpcbcache(m, pcbsp, dir);
@@ -422,7 +404,7 @@
case IPSEC_POLICY_ENTRUST:
/* look for a policy in SPD */
if (ipsec_setspidx_mbuf(&spidx, AF_INET, m, 1) == 0 &&
- (kernsp = key_allocsp(tag, &spidx, dir)) != NULL) {
+ (kernsp = key_allocsp(&spidx, dir)) != NULL) {
/* SP found */
KEYDEBUG(KEYDEBUG_IPSEC_STAMP,
printf("DP ipsec4_getpolicybysock called "
@@ -456,7 +438,7 @@
/* when non-privilieged socket */
/* look for a policy in SPD */
if (ipsec_setspidx_mbuf(&spidx, AF_INET, m, 1) == 0 &&
- (kernsp = key_allocsp(tag, &spidx, dir)) != NULL) {
+ (kernsp = key_allocsp(&spidx, dir)) != NULL) {
/* SP found */
KEYDEBUG(KEYDEBUG_IPSEC_STAMP,
printf("DP ipsec4_getpolicybysock called "
@@ -514,8 +496,6 @@
int *error;
{
struct secpolicy *sp = NULL;
- struct pf_tag *t;
- u_int16_t tag;
/* sanity check */
if (m == NULL || error == NULL)
@@ -527,17 +507,14 @@
bzero(&spidx, sizeof(spidx));
- /* make an index to look for a policy */
+ /* make a index to look for a policy */
*error = ipsec_setspidx_mbuf(&spidx, AF_INET, m,
(flag & IP_FORWARDING) ? 0 : 1);
if (*error != 0)
return NULL;
- t = ipsec_get_tag(m);
- tag = t ? t->tag : 0;
-
- sp = key_allocsp(tag, &spidx, dir);
+ sp = key_allocsp(&spidx, dir);
}
/* SP found */
@@ -577,9 +554,6 @@
struct secpolicy *currsp = NULL; /* policy on socket */
struct secpolicy *kernsp = NULL; /* policy on kernel */
struct secpolicyindex spidx;
- struct pf_tag *t;
- u_int16_t tag;
-
/* sanity check */
if (m == NULL || so == NULL || error == NULL)
@@ -597,9 +571,6 @@
panic("ipsec6_getpolicybysock: pcbsp is NULL.");
#endif
- t = ipsec_get_tag(m);
- tag = t ? t->tag : 0;
-
/* if we have a cached entry, and if it is still valid, use it. */
ipsec6stat.spdcachelookup++;
currsp = ipsec_checkpcbcache(m, pcbsp, dir);
@@ -636,7 +607,7 @@
case IPSEC_POLICY_ENTRUST:
/* look for a policy in SPD */
if (ipsec_setspidx_mbuf(&spidx, AF_INET6, m, 1) == 0 &&
- (kernsp = key_allocsp(tag, &spidx, dir)) != NULL) {
+ (kernsp = key_allocsp(&spidx, dir)) != NULL) {
/* SP found */
KEYDEBUG(KEYDEBUG_IPSEC_STAMP,
printf("DP ipsec6_getpolicybysock called "
@@ -670,7 +641,7 @@
/* when non-privilieged socket */
/* look for a policy in SPD */
if (ipsec_setspidx_mbuf(&spidx, AF_INET6, m, 1) == 0 &&
- (kernsp = key_allocsp(tag, &spidx, dir)) != NULL) {
+ (kernsp = key_allocsp(&spidx, dir)) != NULL) {
/* SP found */
KEYDEBUG(KEYDEBUG_IPSEC_STAMP,
printf("DP ipsec6_getpolicybysock called "
@@ -735,8 +706,6 @@
int *error;
{
struct secpolicy *sp = NULL;
- struct pf_tag *t;
- u_int16_t tag;
/* sanity check */
if (m == NULL || error == NULL)
@@ -748,17 +717,14 @@
bzero(&spidx, sizeof(spidx));
- /* make an index to look for a policy */
+ /* make a index to look for a policy */
*error = ipsec_setspidx_mbuf(&spidx, AF_INET6, m,
(flag & IP_FORWARDING) ? 0 : 1);
if (*error != 0)
return NULL;
- t = ipsec_get_tag(m);
- tag = t ? t->tag : 0;
-
- sp = key_allocsp(tag, &spidx, dir);
+ sp = key_allocsp(&spidx, dir);
}
/* SP found */
@@ -1767,8 +1733,7 @@
* ipsec4_getpolicybyaddr() with IP_FORWARDING flag.
*/
if (so == NULL)
- sp = ipsec4_getpolicybyaddr(m, IPSEC_DIR_INBOUND,
- IP_FORWARDING, &error);
+ sp = ipsec4_getpolicybyaddr(m, IPSEC_DIR_INBOUND, IP_FORWARDING, &error);
else
sp = ipsec4_getpolicybysock(m, IPSEC_DIR_INBOUND, so, &error);
@@ -1821,8 +1786,7 @@
* ipsec6_getpolicybyaddr() with IP_FORWARDING flag.
*/
if (so == NULL)
- sp = ipsec6_getpolicybyaddr(m, IPSEC_DIR_INBOUND,
- IP_FORWARDING, &error);
+ sp = ipsec6_getpolicybyaddr(m, IPSEC_DIR_INBOUND, IP_FORWARDING, &error);
else
sp = ipsec6_getpolicybysock(m, IPSEC_DIR_INBOUND, so, &error);
diff -r 824a9f682ea2 -r 6d0760e6cf05 sys/netinet6/ipsec.h
--- a/sys/netinet6/ipsec.h Sat Sep 06 04:13:50 2003 +0000
+++ b/sys/netinet6/ipsec.h Sat Sep 06 04:20:57 2003 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: ipsec.h,v 1.36 2003/09/06 04:13:52 itojun Exp $ */
+/* $NetBSD: ipsec.h,v 1.37 2003/09/06 04:20:58 itojun Exp $ */
/* $KAME: ipsec.h,v 1.51 2001/08/05 04:52:58 itojun Exp $ */
/*
@@ -76,8 +76,7 @@
int readonly; /* write prohibited */
int refcnt; /* reference count */
struct secpolicyindex *spidx; /* selector - NULL if not valid */
- u_int16_t tag; /* PF tag */
- u_int32_t id; /* it identifies a policy in the SPD. */
+ u_int32_t id; /* It's unique number on the system. */
#define IPSEC_MANUAL_POLICYID_MAX 0x3fff
/*
* 1 - 0x3fff are reserved for user operation.
@@ -353,7 +352,7 @@
#ifdef INET6
struct in6pcb;
#endif
-extern int ipsec_init_pcbpolicy __P((struct socket *, struct inpcbpolicy **));
+extern int ipsec_init_pcbpolicy __P((struct socket *so, struct inpcbpolicy **));
extern int ipsec_copy_pcbpolicy
__P((struct inpcbpolicy *, struct inpcbpolicy *));
extern u_int ipsec_get_reqlevel __P((struct ipsecrequest *, int));
Home |
Main Index |
Thread Index |
Old Index