Module Name: src
Committed By: maxv
Date: Mon Feb 26 09:04:29 UTC 2018
Modified Files:
src/sys/netinet: raw_ip.c sctp_input.c tcp_input.c udp_usrreq.c
src/sys/netinet6: icmp6.c raw_ip6.c sctp6_usrreq.c udp6_usrreq.c
src/sys/netipsec: ipsec.c ipsec.h ipsec6.h ipsec_input.c
src/sys/rump/librump/rumpnet: net_stub.c
Log Message:
Dedup: merge ipsec4_in_reject and ipsec6_in_reject into ipsec_in_reject.
While here fix misleading comment.
ok ozaki-r@
To generate a diff of this commit:
cvs rdiff -u -r1.168 -r1.169 src/sys/netinet/raw_ip.c
cvs rdiff -u -r1.7 -r1.8 src/sys/netinet/sctp_input.c
cvs rdiff -u -r1.379 -r1.380 src/sys/netinet/tcp_input.c
cvs rdiff -u -r1.242 -r1.243 src/sys/netinet/udp_usrreq.c
cvs rdiff -u -r1.220 -r1.221 src/sys/netinet6/icmp6.c
cvs rdiff -u -r1.162 -r1.163 src/sys/netinet6/raw_ip6.c
cvs rdiff -u -r1.14 -r1.15 src/sys/netinet6/sctp6_usrreq.c
cvs rdiff -u -r1.134 -r1.135 src/sys/netinet6/udp6_usrreq.c
cvs rdiff -u -r1.138 -r1.139 src/sys/netipsec/ipsec.c
cvs rdiff -u -r1.68 -r1.69 src/sys/netipsec/ipsec.h
cvs rdiff -u -r1.23 -r1.24 src/sys/netipsec/ipsec6.h
cvs rdiff -u -r1.61 -r1.62 src/sys/netipsec/ipsec_input.c
cvs rdiff -u -r1.28 -r1.29 src/sys/rump/librump/rumpnet/net_stub.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/sys/netinet/raw_ip.c
diff -u src/sys/netinet/raw_ip.c:1.168 src/sys/netinet/raw_ip.c:1.169
--- src/sys/netinet/raw_ip.c:1.168 Wed Feb 14 16:45:24 2018
+++ src/sys/netinet/raw_ip.c Mon Feb 26 09:04:29 2018
@@ -1,4 +1,4 @@
-/* $NetBSD: raw_ip.c,v 1.168 2018/02/14 16:45:24 christos Exp $ */
+/* $NetBSD: raw_ip.c,v 1.169 2018/02/26 09:04:29 maxv Exp $ */
/*
* Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
@@ -65,7 +65,7 @@
*/
#include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: raw_ip.c,v 1.168 2018/02/14 16:45:24 christos Exp $");
+__KERNEL_RCSID(0, "$NetBSD: raw_ip.c,v 1.169 2018/02/26 09:04:29 maxv Exp $");
#ifdef _KERNEL_OPT
#include "opt_inet.h"
@@ -204,7 +204,7 @@ rip_input(struct mbuf *m, ...)
;
#if defined(IPSEC)
/* check AH/ESP integrity. */
- else if (ipsec_used && ipsec4_in_reject(m, last)) {
+ else if (ipsec_used && ipsec_in_reject(m, last)) {
IPSEC_STATINC(IPSEC_STAT_IN_POLVIO);
/* do not inject data to pcb */
}
@@ -218,7 +218,7 @@ rip_input(struct mbuf *m, ...)
}
#if defined(IPSEC)
/* check AH/ESP integrity. */
- if (ipsec_used && last != NULL && ipsec4_in_reject(m, last)) {
+ if (ipsec_used && last != NULL && ipsec_in_reject(m, last)) {
m_freem(m);
IPSEC_STATINC(IPSEC_STAT_IN_POLVIO);
IP_STATDEC(IP_STAT_DELIVERED);
Index: src/sys/netinet/sctp_input.c
diff -u src/sys/netinet/sctp_input.c:1.7 src/sys/netinet/sctp_input.c:1.8
--- src/sys/netinet/sctp_input.c:1.7 Tue Jun 27 13:27:54 2017
+++ src/sys/netinet/sctp_input.c Mon Feb 26 09:04:29 2018
@@ -1,5 +1,5 @@
/* $KAME: sctp_input.c,v 1.28 2005/04/21 18:36:21 nishida Exp $ */
-/* $NetBSD: sctp_input.c,v 1.7 2017/06/27 13:27:54 rjs Exp $ */
+/* $NetBSD: sctp_input.c,v 1.8 2018/02/26 09:04:29 maxv Exp $ */
/*
* Copyright (C) 2002, 2003, 2004 Cisco Systems Inc,
@@ -31,7 +31,7 @@
*/
#include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: sctp_input.c,v 1.7 2017/06/27 13:27:54 rjs Exp $");
+__KERNEL_RCSID(0, "$NetBSD: sctp_input.c,v 1.8 2018/02/26 09:04:29 maxv Exp $");
#ifdef _KERNEL_OPT
#include "opt_ipsec.h"
@@ -4238,7 +4238,7 @@ sctp_input(struct mbuf *m, ...)
* I very much doubt any of the IPSEC stuff will work but I have
* no idea, so I will leave it in place.
*/
- if (ipsec_used && ipsec4_in_reject(m, (struct inpcb *)inp)) {
+ if (ipsec_used && ipsec_in_reject(m, (struct inpcb *)inp)) {
#if 0
ipsecstat.in_polvio++;
#endif
Index: src/sys/netinet/tcp_input.c
diff -u src/sys/netinet/tcp_input.c:1.379 src/sys/netinet/tcp_input.c:1.380
--- src/sys/netinet/tcp_input.c:1.379 Mon Feb 12 08:22:26 2018
+++ src/sys/netinet/tcp_input.c Mon Feb 26 09:04:29 2018
@@ -1,4 +1,4 @@
-/* $NetBSD: tcp_input.c,v 1.379 2018/02/12 08:22:26 maxv Exp $ */
+/* $NetBSD: tcp_input.c,v 1.380 2018/02/26 09:04:29 maxv Exp $ */
/*
* Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
@@ -148,7 +148,7 @@
*/
#include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: tcp_input.c,v 1.379 2018/02/12 08:22:26 maxv Exp $");
+__KERNEL_RCSID(0, "$NetBSD: tcp_input.c,v 1.380 2018/02/26 09:04:29 maxv Exp $");
#ifdef _KERNEL_OPT
#include "opt_inet.h"
@@ -1460,14 +1460,14 @@ findpcb:
if (ipsec_used) {
if (inp &&
(inp->inp_socket->so_options & SO_ACCEPTCONN) == 0
- && ipsec4_in_reject(m, inp)) {
+ && ipsec_in_reject(m, inp)) {
IPSEC_STATINC(IPSEC_STAT_IN_POLVIO);
goto drop;
}
#ifdef INET6
else if (in6p &&
(in6p->in6p_socket->so_options & SO_ACCEPTCONN) == 0
- && ipsec6_in_reject(m, in6p)) {
+ && ipsec_in_reject(m, in6p)) {
IPSEC_STATINC(IPSEC_STAT_IN_POLVIO);
goto drop;
}
@@ -1505,7 +1505,7 @@ findpcb:
#if defined(IPSEC)
if (ipsec_used && in6p &&
(in6p->in6p_socket->so_options & SO_ACCEPTCONN) == 0 &&
- ipsec6_in_reject(m, in6p)) {
+ ipsec_in_reject(m, in6p)) {
IPSEC6_STATINC(IPSEC_STAT_IN_POLVIO);
goto drop;
}
@@ -1785,7 +1785,7 @@ nosave:;
*/
KASSERT(inp == NULL ||
sotoinpcb(so) == inp);
- if (!ipsec4_in_reject(m, inp))
+ if (!ipsec_in_reject(m, inp))
break;
IPSEC_STATINC(IPSEC_STAT_IN_POLVIO);
tp = NULL;
@@ -1794,7 +1794,7 @@ nosave:;
#ifdef INET6
case AF_INET6:
KASSERT(sotoin6pcb(so) == in6p);
- if (!ipsec6_in_reject(m, in6p))
+ if (!ipsec_in_reject(m, in6p))
break;
IPSEC6_STATINC(IPSEC_STAT_IN_POLVIO);
tp = NULL;
Index: src/sys/netinet/udp_usrreq.c
diff -u src/sys/netinet/udp_usrreq.c:1.242 src/sys/netinet/udp_usrreq.c:1.243
--- src/sys/netinet/udp_usrreq.c:1.242 Wed Feb 14 05:24:44 2018
+++ src/sys/netinet/udp_usrreq.c Mon Feb 26 09:04:29 2018
@@ -1,4 +1,4 @@
-/* $NetBSD: udp_usrreq.c,v 1.242 2018/02/14 05:24:44 maxv Exp $ */
+/* $NetBSD: udp_usrreq.c,v 1.243 2018/02/26 09:04:29 maxv Exp $ */
/*
* Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
@@ -66,7 +66,7 @@
*/
#include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: udp_usrreq.c,v 1.242 2018/02/14 05:24:44 maxv Exp $");
+__KERNEL_RCSID(0, "$NetBSD: udp_usrreq.c,v 1.243 2018/02/26 09:04:29 maxv Exp $");
#ifdef _KERNEL_OPT
#include "opt_inet.h"
@@ -479,7 +479,7 @@ udp4_sendup(struct mbuf *m, int off /* o
#if defined(IPSEC)
/* check AH/ESP integrity. */
- if (ipsec_used && ipsec4_in_reject(m, inp)) {
+ if (ipsec_used && ipsec_in_reject(m, inp)) {
IPSEC_STATINC(IPSEC_STAT_IN_POLVIO);
if ((n = m_copypacket(m, M_DONTWAIT)) != NULL)
icmp_error(n, ICMP_UNREACH, ICMP_UNREACH_ADMIN_PROHIBIT,
Index: src/sys/netinet6/icmp6.c
diff -u src/sys/netinet6/icmp6.c:1.220 src/sys/netinet6/icmp6.c:1.221
--- src/sys/netinet6/icmp6.c:1.220 Mon Feb 12 12:52:12 2018
+++ src/sys/netinet6/icmp6.c Mon Feb 26 09:04:29 2018
@@ -1,4 +1,4 @@
-/* $NetBSD: icmp6.c,v 1.220 2018/02/12 12:52:12 maxv Exp $ */
+/* $NetBSD: icmp6.c,v 1.221 2018/02/26 09:04:29 maxv Exp $ */
/* $KAME: icmp6.c,v 1.217 2001/06/20 15:03:29 jinmei Exp $ */
/*
@@ -62,7 +62,7 @@
*/
#include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: icmp6.c,v 1.220 2018/02/12 12:52:12 maxv Exp $");
+__KERNEL_RCSID(0, "$NetBSD: icmp6.c,v 1.221 2018/02/26 09:04:29 maxv Exp $");
#ifdef _KERNEL_OPT
#include "opt_inet.h"
@@ -2008,7 +2008,7 @@ icmp6_rip6_input(struct mbuf **mp, int o
* Check AH/ESP integrity
*/
if (!ipsec_used ||
- (ipsec_used && !ipsec6_in_reject(m, last)))
+ (ipsec_used && !ipsec_in_reject(m, last)))
#endif
if ((n = m_copy(m, 0, (int)M_COPYALL)) != NULL) {
if (last->in6p_flags & IN6P_CONTROLOPTS)
@@ -2030,7 +2030,7 @@ icmp6_rip6_input(struct mbuf **mp, int o
}
#ifdef IPSEC
- if (ipsec_used && last && ipsec6_in_reject(m, last)) {
+ if (ipsec_used && last && ipsec_in_reject(m, last)) {
m_freem(m);
IP6_STATDEC(IP6_STAT_DELIVERED);
/* do not inject data into pcb */
Index: src/sys/netinet6/raw_ip6.c
diff -u src/sys/netinet6/raw_ip6.c:1.162 src/sys/netinet6/raw_ip6.c:1.163
--- src/sys/netinet6/raw_ip6.c:1.162 Thu Feb 8 19:58:05 2018
+++ src/sys/netinet6/raw_ip6.c Mon Feb 26 09:04:29 2018
@@ -1,4 +1,4 @@
-/* $NetBSD: raw_ip6.c,v 1.162 2018/02/08 19:58:05 maxv Exp $ */
+/* $NetBSD: raw_ip6.c,v 1.163 2018/02/26 09:04:29 maxv Exp $ */
/* $KAME: raw_ip6.c,v 1.82 2001/07/23 18:57:56 jinmei Exp $ */
/*
@@ -62,7 +62,7 @@
*/
#include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: raw_ip6.c,v 1.162 2018/02/08 19:58:05 maxv Exp $");
+__KERNEL_RCSID(0, "$NetBSD: raw_ip6.c,v 1.163 2018/02/26 09:04:29 maxv Exp $");
#ifdef _KERNEL_OPT
#include "opt_ipsec.h"
@@ -198,7 +198,7 @@ rip6_input(struct mbuf **mp, int *offp,
* Check AH/ESP integrity
*/
if (!ipsec_used ||
- (ipsec_used && !ipsec6_in_reject(m, last)))
+ (ipsec_used && !ipsec_in_reject(m, last)))
#endif
if ((n = m_copy(m, 0, (int)M_COPYALL)) != NULL) {
if (last->in6p_flags & IN6P_CONTROLOPTS)
@@ -221,7 +221,7 @@ rip6_input(struct mbuf **mp, int *offp,
}
#ifdef IPSEC
- if (ipsec_used && last && ipsec6_in_reject(m, last)) {
+ if (ipsec_used && last && ipsec_in_reject(m, last)) {
m_freem(m);
IP6_STATDEC(IP6_STAT_DELIVERED);
/* do not inject data into pcb */
Index: src/sys/netinet6/sctp6_usrreq.c
diff -u src/sys/netinet6/sctp6_usrreq.c:1.14 src/sys/netinet6/sctp6_usrreq.c:1.15
--- src/sys/netinet6/sctp6_usrreq.c:1.14 Tue Oct 17 19:23:42 2017
+++ src/sys/netinet6/sctp6_usrreq.c Mon Feb 26 09:04:29 2018
@@ -1,5 +1,5 @@
/* $KAME: sctp6_usrreq.c,v 1.38 2005/08/24 08:08:56 suz Exp $ */
-/* $NetBSD: sctp6_usrreq.c,v 1.14 2017/10/17 19:23:42 rjs Exp $ */
+/* $NetBSD: sctp6_usrreq.c,v 1.15 2018/02/26 09:04:29 maxv Exp $ */
/*
* Copyright (c) 2001, 2002, 2003, 2004 Cisco Systems, Inc.
@@ -33,7 +33,7 @@
* SUCH DAMAGE.
*/
#include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: sctp6_usrreq.c,v 1.14 2017/10/17 19:23:42 rjs Exp $");
+__KERNEL_RCSID(0, "$NetBSD: sctp6_usrreq.c,v 1.15 2018/02/26 09:04:29 maxv Exp $");
#ifdef _KERNEL_OPT
#include "opt_inet.h"
@@ -235,7 +235,7 @@ sctp_skip_csum:
/*
* Check AH/ESP integrity.
*/
- if (ipsec_used && ipsec6_in_reject(m, (struct in6pcb *)in6p_ip)) {
+ if (ipsec_used && ipsec_in_reject(m, (struct in6pcb *)in6p_ip)) {
/* XXX */
#if 0
/* FIX ME: need to find right stat */
Index: src/sys/netinet6/udp6_usrreq.c
diff -u src/sys/netinet6/udp6_usrreq.c:1.134 src/sys/netinet6/udp6_usrreq.c:1.135
--- src/sys/netinet6/udp6_usrreq.c:1.134 Thu Feb 8 19:58:05 2018
+++ src/sys/netinet6/udp6_usrreq.c Mon Feb 26 09:04:29 2018
@@ -1,4 +1,4 @@
-/* $NetBSD: udp6_usrreq.c,v 1.134 2018/02/08 19:58:05 maxv Exp $ */
+/* $NetBSD: udp6_usrreq.c,v 1.135 2018/02/26 09:04:29 maxv Exp $ */
/* $KAME: udp6_usrreq.c,v 1.86 2001/05/27 17:33:00 itojun Exp $ */
/* $KAME: udp6_output.c,v 1.43 2001/10/15 09:19:52 itojun Exp $ */
@@ -63,7 +63,7 @@
*/
#include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: udp6_usrreq.c,v 1.134 2018/02/08 19:58:05 maxv Exp $");
+__KERNEL_RCSID(0, "$NetBSD: udp6_usrreq.c,v 1.135 2018/02/26 09:04:29 maxv Exp $");
#ifdef _KERNEL_OPT
#include "opt_inet.h"
@@ -353,7 +353,7 @@ udp6_sendup(struct mbuf *m, int off /* o
#if defined(IPSEC)
/* check AH/ESP integrity. */
- if (ipsec_used && ipsec6_in_reject(m, in6p)) {
+ if (ipsec_used && ipsec_in_reject(m, in6p)) {
IPSEC6_STATINC(IPSEC_STAT_IN_POLVIO);
if ((n = m_copypacket(m, M_DONTWAIT)) != NULL)
icmp6_error(n, ICMP6_DST_UNREACH,
Index: src/sys/netipsec/ipsec.c
diff -u src/sys/netipsec/ipsec.c:1.138 src/sys/netipsec/ipsec.c:1.139
--- src/sys/netipsec/ipsec.c:1.138 Mon Feb 26 08:50:25 2018
+++ src/sys/netipsec/ipsec.c Mon Feb 26 09:04:29 2018
@@ -1,4 +1,4 @@
-/* $NetBSD: ipsec.c,v 1.138 2018/02/26 08:50:25 maxv Exp $ */
+/* $NetBSD: ipsec.c,v 1.139 2018/02/26 09:04:29 maxv Exp $ */
/* $FreeBSD: src/sys/netipsec/ipsec.c,v 1.2.2.2 2003/07/01 01:38:13 sam Exp $ */
/* $KAME: ipsec.c,v 1.103 2001/05/24 07:14:18 sakane Exp $ */
@@ -32,7 +32,7 @@
*/
#include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: ipsec.c,v 1.138 2018/02/26 08:50:25 maxv Exp $");
+__KERNEL_RCSID(0, "$NetBSD: ipsec.c,v 1.139 2018/02/26 09:04:29 maxv Exp $");
/*
* IPsec controller part.
@@ -1701,12 +1701,13 @@ ipsec_sp_reject(const struct secpolicy *
}
/*
- * Check AH/ESP integrity.
- * This function is called from tcp_input(), udp_input(),
- * and {ah,esp}4_input for tunnel mode
+ * Check security policy requirements.
+ *
+ * This function is called from tcp{6}_input(), udp{6}_input(),
+ * and {ah,esp}_input for tunnel mode
*/
int
-ipsec4_in_reject(struct mbuf *m, struct inpcb *inp)
+ipsec_in_reject(struct mbuf *m, void *inp)
{
struct inpcb_hdr *inph = (struct inpcb_hdr *)inp;
struct secpolicy *sp;
@@ -1733,41 +1734,6 @@ ipsec4_in_reject(struct mbuf *m, struct
return result;
}
-#ifdef INET6
-/*
- * Check AH/ESP integrity.
- * This function is called from tcp6_input(), udp6_input(),
- * and {ah,esp}6_input for tunnel mode
- */
-int
-ipsec6_in_reject(struct mbuf *m, struct in6pcb *in6p)
-{
- struct inpcb_hdr *inph = (struct inpcb_hdr *)in6p;
- struct secpolicy *sp;
- int error;
- int result;
-
- KASSERT(m != NULL);
-
- if (inph == NULL)
- sp = ipsec_getpolicybyaddr(m, IPSEC_DIR_INBOUND,
- IP_FORWARDING, &error);
- else
- sp = ipsec_getpolicybysock(m, IPSEC_DIR_INBOUND,
- inph, &error);
-
- if (sp != NULL) {
- result = ipsec_sp_reject(sp, m);
- if (result)
- IPSEC_STATINC(IPSEC_STAT_IN_POLVIO);
- KEY_SP_UNREF(&sp);
- } else {
- result = 0;
- }
- return result;
-}
-#endif
-
/*
* Compute the byte size to be occupied by the IPsec header. If it is
* tunneled, it includes the size of outer IP header.
Index: src/sys/netipsec/ipsec.h
diff -u src/sys/netipsec/ipsec.h:1.68 src/sys/netipsec/ipsec.h:1.69
--- src/sys/netipsec/ipsec.h:1.68 Mon Feb 26 08:50:25 2018
+++ src/sys/netipsec/ipsec.h Mon Feb 26 09:04:29 2018
@@ -1,4 +1,4 @@
-/* $NetBSD: ipsec.h,v 1.68 2018/02/26 08:50:25 maxv Exp $ */
+/* $NetBSD: ipsec.h,v 1.69 2018/02/26 09:04:29 maxv Exp $ */
/* $FreeBSD: /usr/local/www/cvsroot/FreeBSD/src/sys/netipsec/ipsec.h,v 1.2.4.2 2004/02/14 22:23:23 bms Exp $ */
/* $KAME: ipsec.h,v 1.53 2001/11/20 08:32:38 itojun Exp $ */
@@ -294,7 +294,7 @@ u_int ipsec_get_reqlevel(const struct ip
int ipsec4_set_policy(struct inpcb *, int, const void *, size_t, kauth_cred_t);
int ipsec4_get_policy(struct inpcb *, const void *, size_t, struct mbuf **);
int ipsec4_delete_pcbpolicy(struct inpcb *);
-int ipsec4_in_reject(struct mbuf *, struct inpcb *);
+int ipsec_in_reject(struct mbuf *, void *);
struct secasvar *ipsec_lookup_sa(const struct ipsecrequest *,
const struct mbuf *);
Index: src/sys/netipsec/ipsec6.h
diff -u src/sys/netipsec/ipsec6.h:1.23 src/sys/netipsec/ipsec6.h:1.24
--- src/sys/netipsec/ipsec6.h:1.23 Mon Feb 26 08:42:16 2018
+++ src/sys/netipsec/ipsec6.h Mon Feb 26 09:04:29 2018
@@ -1,4 +1,4 @@
-/* $NetBSD: ipsec6.h,v 1.23 2018/02/26 08:42:16 maxv Exp $ */
+/* $NetBSD: ipsec6.h,v 1.24 2018/02/26 09:04:29 maxv Exp $ */
/* $FreeBSD: src/sys/netipsec/ipsec6.h,v 1.1.4.1 2003/01/24 05:11:35 sam Exp $ */
/* $KAME: ipsec.h,v 1.44 2001/03/23 08:08:47 itojun Exp $ */
@@ -58,11 +58,9 @@ int ipsec6_set_policy(struct in6pcb *, i
int ipsec6_get_policy(struct in6pcb *, const void *, size_t, struct mbuf **);
struct secpolicy *ipsec6_check_policy(struct mbuf *,
struct in6pcb *, int, int*,int*);
-int ipsec6_in_reject(struct mbuf *, struct in6pcb *);
struct tcp6cb;
-size_t ipsec6_hdrsiz(struct mbuf *, u_int, struct in6pcb *);
size_t ipsec6_hdrsiz_tcp(struct tcpcb*);
/* NetBSD protosw ctlin entrypoint */
Index: src/sys/netipsec/ipsec_input.c
diff -u src/sys/netipsec/ipsec_input.c:1.61 src/sys/netipsec/ipsec_input.c:1.62
--- src/sys/netipsec/ipsec_input.c:1.61 Mon Feb 26 06:58:56 2018
+++ src/sys/netipsec/ipsec_input.c Mon Feb 26 09:04:29 2018
@@ -1,4 +1,4 @@
-/* $NetBSD: ipsec_input.c,v 1.61 2018/02/26 06:58:56 maxv Exp $ */
+/* $NetBSD: ipsec_input.c,v 1.62 2018/02/26 09:04:29 maxv Exp $ */
/* $FreeBSD: src/sys/netipsec/ipsec_input.c,v 1.2.4.2 2003/03/28 20:32:53 sam Exp $ */
/* $OpenBSD: ipsec_input.c,v 1.63 2003/02/20 18:35:43 deraadt Exp $ */
@@ -39,7 +39,7 @@
*/
#include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: ipsec_input.c,v 1.61 2018/02/26 06:58:56 maxv Exp $");
+__KERNEL_RCSID(0, "$NetBSD: ipsec_input.c,v 1.62 2018/02/26 09:04:29 maxv Exp $");
/*
* IPsec input processing.
@@ -459,7 +459,7 @@ cantpull:
key_sa_recordxfer(sav, m); /* record data transfer */
if ((inetsw[ip_protox[prot]].pr_flags & PR_LASTHDR) != 0 &&
- ipsec4_in_reject(m, NULL)) {
+ ipsec_in_reject(m, NULL)) {
error = EINVAL;
goto bad;
}
@@ -685,7 +685,7 @@ ipsec6_common_input_cb(struct mbuf *m, s
* code - like udp/tcp/raw ip.
*/
if ((inet6sw[ip6_protox[nxt]].pr_flags & PR_LASTHDR) != 0 &&
- ipsec6_in_reject(m, NULL)) {
+ ipsec_in_reject(m, NULL)) {
error = EINVAL;
goto bad;
}
Index: src/sys/rump/librump/rumpnet/net_stub.c
diff -u src/sys/rump/librump/rumpnet/net_stub.c:1.28 src/sys/rump/librump/rumpnet/net_stub.c:1.29
--- src/sys/rump/librump/rumpnet/net_stub.c:1.28 Mon Feb 26 08:50:25 2018
+++ src/sys/rump/librump/rumpnet/net_stub.c Mon Feb 26 09:04:29 2018
@@ -1,4 +1,4 @@
-/* $NetBSD: net_stub.c,v 1.28 2018/02/26 08:50:25 maxv Exp $ */
+/* $NetBSD: net_stub.c,v 1.29 2018/02/26 09:04:29 maxv Exp $ */
/*
* Copyright (c) 2008 Antti Kantee. All Rights Reserved.
@@ -26,7 +26,7 @@
*/
#include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: net_stub.c,v 1.28 2018/02/26 08:50:25 maxv Exp $");
+__KERNEL_RCSID(0, "$NetBSD: net_stub.c,v 1.29 2018/02/26 09:04:29 maxv Exp $");
#include <sys/mutex.h>
#include <sys/param.h>
@@ -92,17 +92,16 @@ __weak_alias(ipsec4_common_input,rumpnet
__weak_alias(ipsec4_delete_pcbpolicy,rumpnet_stub);
__weak_alias(ipsec4_forward,rumpnet_stub);
__weak_alias(ipsec4_input,rumpnet_stub);
-__weak_alias(ipsec4_in_reject,rumpnet_stub);
__weak_alias(ipsec4_set_policy,rumpnet_stub);
__weak_alias(ipsec6_common_input,rumpnet_stub);
__weak_alias(ipsec6_input,rumpnet_stub);
__weak_alias(ipsec6_check_policy,rumpnet_stub);
__weak_alias(ipsec6_delete_pcbpolicy,rumpnet_stub);
__weak_alias(ipsec6_get_policy,rumpnet_stub);
-__weak_alias(ipsec6_in_reject,rumpnet_stub);
__weak_alias(ipsec6_process_packet,rumpnet_stub);
__weak_alias(ipsec6_set_policy,rumpnet_stub);
__weak_alias(ipsec_hdrsiz,rumpnet_stub);
+__weak_alias(ipsec_in_reject,rumpnet_stub);
__weak_alias(ipsec_init_policy,rumpnet_stub);
__weak_alias(ipsec_pcbconn,rumpnet_stub);
__weak_alias(ipsec_pcbdisconn,rumpnet_stub);
