Module Name: src Committed By: ozaki-r Date: Thu Jul 6 09:49:46 UTC 2017
Modified Files: src/sys/netipsec: ipsec_input.c ipsec_output.c Log Message: Simplify; we can assume sav->tdb_xform cannot be NULL while it's valid To generate a diff of this commit: cvs rdiff -u -r1.45 -r1.46 src/sys/netipsec/ipsec_input.c cvs rdiff -u -r1.49 -r1.50 src/sys/netipsec/ipsec_output.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
Modified files: Index: src/sys/netipsec/ipsec_input.c diff -u src/sys/netipsec/ipsec_input.c:1.45 src/sys/netipsec/ipsec_input.c:1.46 --- src/sys/netipsec/ipsec_input.c:1.45 Wed Jul 5 03:44:59 2017 +++ src/sys/netipsec/ipsec_input.c Thu Jul 6 09:49:46 2017 @@ -1,4 +1,4 @@ -/* $NetBSD: ipsec_input.c,v 1.45 2017/07/05 03:44:59 ozaki-r Exp $ */ +/* $NetBSD: ipsec_input.c,v 1.46 2017/07/06 09:49:46 ozaki-r Exp $ */ /* $FreeBSD: /usr/local/www/cvsroot/FreeBSD/src/sys/netipsec/ipsec_input.c,v 1.2.4.2 2003/03/28 20:32:53 sam Exp $ */ /* $OpenBSD: ipsec_input.c,v 1.63 2003/02/20 18:35:43 deraadt Exp $ */ @@ -39,7 +39,7 @@ */ #include <sys/cdefs.h> -__KERNEL_RCSID(0, "$NetBSD: ipsec_input.c,v 1.45 2017/07/05 03:44:59 ozaki-r Exp $"); +__KERNEL_RCSID(0, "$NetBSD: ipsec_input.c,v 1.46 2017/07/06 09:49:46 ozaki-r Exp $"); /* * IPsec input processing. @@ -281,18 +281,7 @@ ipsec_common_input(struct mbuf *m, int s return ENOENT; } - if (sav->tdb_xform == NULL) { - IPSECLOG(LOG_DEBUG, - "attempted to use uninitialized SA %s/%08lx/%u\n", - ipsec_address(&dst_address, buf, sizeof(buf)), - (u_long) ntohl(spi), sproto); - IPSEC_ISTAT(sproto, ESP_STAT_NOXFORM, AH_STAT_NOXFORM, - IPCOMP_STAT_NOXFORM); - KEY_FREESAV(&sav); - splx(s); - m_freem(m); - return ENXIO; - } + KASSERT(sav->tdb_xform != NULL); /* * Call appropriate transform and return -- callback takes care of Index: src/sys/netipsec/ipsec_output.c diff -u src/sys/netipsec/ipsec_output.c:1.49 src/sys/netipsec/ipsec_output.c:1.50 --- src/sys/netipsec/ipsec_output.c:1.49 Tue Jul 4 06:45:05 2017 +++ src/sys/netipsec/ipsec_output.c Thu Jul 6 09:49:46 2017 @@ -1,4 +1,4 @@ -/* $NetBSD: ipsec_output.c,v 1.49 2017/07/04 06:45:05 ozaki-r Exp $ */ +/* $NetBSD: ipsec_output.c,v 1.50 2017/07/06 09:49:46 ozaki-r Exp $ */ /*- * Copyright (c) 2002, 2003 Sam Leffler, Errno Consulting @@ -29,7 +29,7 @@ */ #include <sys/cdefs.h> -__KERNEL_RCSID(0, "$NetBSD: ipsec_output.c,v 1.49 2017/07/04 06:45:05 ozaki-r Exp $"); +__KERNEL_RCSID(0, "$NetBSD: ipsec_output.c,v 1.50 2017/07/06 09:49:46 ozaki-r Exp $"); /* * IPsec output processing. @@ -428,12 +428,7 @@ again: * Sanity check the SA contents for the caller * before they invoke the xform output method. */ - if (sav->tdb_xform == NULL) { - IPSECLOG(LOG_DEBUG, "no transform for SA\n"); - IPSEC_OSTAT(NOXFORM); - *error = EHOSTUNREACH; - goto bad; - } + KASSERT(sav->tdb_xform != NULL); return isr; bad: KASSERTMSG(*error != 0, "error return w/ no error code");