Module Name: src
Committed By: martin
Date: Fri Mar 13 08:33:33 UTC 2020
Modified Files:
src/sys/net [netbsd-9]: if_ipsec.c
src/sys/netipsec [netbsd-9]: key.c
Log Message:
Pull up following revision(s) (requested by knakahara in ticket #780):
sys/netipsec/key.c: revision 1.271
sys/net/if_ipsec.c: revision 1.28
sys/net/if_ipsec.c: revision 1.29
Fix ipsecif(4) SPDADD pfkey message has garbage. Pointed out by ohishi@IIJ.
"setkey -x" output is the following.
========== before ==========
sadb_msg{ version=2 type=14 errno=0 satype=0
len=15 reserved=0 seq=0 pid=0
sadb_ext{ len=56 type=18 }
sadb_x_policy{ type=2 dir=1 id=9 }
{ len=40 proto=50 mode=1 level=3 reqid=16393
sockaddr{ len=0 family=0 }
sockaddr{ len=0 family=0 }
}
========== before ==========
========== after ==========
sadb_msg{ version=2 type=14 errno=0 satype=0
len=11 reserved=0 seq=0 pid=0
sadb_ext{ len=24 type=18 }
sadb_x_policy{ type=2 dir=1 id=9 }
{ len=8 proto=50 mode=1 level=3 reqid=16393
}
========== after ==========
reduce unnecessary reqid of NAT-T ipsecif(4), suggested by ohishi@IIJ.
Fix kern/55066. Pointed out and fixed by Chuck Zmudzinski, thanks.
ok'ed by ozaki-r@n.o
To generate a diff of this commit:
cvs rdiff -u -r1.22.2.1 -r1.22.2.2 src/sys/net/if_ipsec.c
cvs rdiff -u -r1.265.2.2 -r1.265.2.3 src/sys/netipsec/key.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
