Module Name: src
Committed By: knakahara
Date: Fri Jan 31 06:54:19 UTC 2020
Modified Files:
src/sys/netipsec: ipsecif.c
Log Message:
Fix IPv6 over IPv4 ipsecif(4) uses IPv4 SP wrongly. Pointed out by ohishi@IIJ.
XXX pullup-8, pullup-9
To generate a diff of this commit:
cvs rdiff -u -r1.18 -r1.19 src/sys/netipsec/ipsecif.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/sys/netipsec/ipsecif.c
diff -u src/sys/netipsec/ipsecif.c:1.18 src/sys/netipsec/ipsecif.c:1.19
--- src/sys/netipsec/ipsecif.c:1.18 Fri Nov 1 04:28:14 2019
+++ src/sys/netipsec/ipsecif.c Fri Jan 31 06:54:19 2020
@@ -1,4 +1,4 @@
-/* $NetBSD: ipsecif.c,v 1.18 2019/11/01 04:28:14 knakahara Exp $ */
+/* $NetBSD: ipsecif.c,v 1.19 2020/01/31 06:54:19 knakahara Exp $ */
/*
* Copyright (c) 2017 Internet Initiative Japan Inc.
@@ -27,7 +27,7 @@
*/
#include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: ipsecif.c,v 1.18 2019/11/01 04:28:14 knakahara Exp $");
+__KERNEL_RCSID(0, "$NetBSD: ipsecif.c,v 1.19 2020/01/31 06:54:19 knakahara Exp $");
#ifdef _KERNEL_OPT
#include "opt_inet.h"
@@ -380,7 +380,17 @@ ipsecif4_output(struct ipsec_variant *va
KASSERT(var->iv_psrc->sa_family == AF_INET);
KASSERT(var->iv_pdst->sa_family == AF_INET);
- sp = IV_SP_OUT(var);
+ switch (family) {
+ case AF_INET:
+ sp = IV_SP_OUT(var);
+ break;
+ case AF_INET6:
+ sp = IV_SP_OUT6(var);
+ break;
+ default:
+ m_freem(m);
+ return EAFNOSUPPORT;
+ }
KASSERT(sp != NULL);
/*
* The SPs in ipsec_variant are prevented from freed by
