Hi,
if you build the kernel without IPSEC it will run into several compiler
and linker errors. This diff add some missing #ifdefs to fix this.
ok?
bye,
jan
Index: net/if_pfsync.c
===================================================================
RCS file: /mount/openbsd/cvs/src/sys/net/if_pfsync.c,v
retrieving revision 1.305
diff -u -p -r1.305 if_pfsync.c
--- net/if_pfsync.c 21 Apr 2022 15:22:49 -0000 1.305
+++ net/if_pfsync.c 2 Nov 2022 10:20:38 -0000
@@ -1576,7 +1576,9 @@ pfsync_grab_snapshot(struct pfsync_snaps
int q;
struct pf_state *st;
struct pfsync_upd_req_item *ur;
+#if defined(IPSEC)
struct tdb *tdb;
+#endif
sn->sn_sc = sc;
@@ -1602,6 +1604,7 @@ pfsync_grab_snapshot(struct pfsync_snaps
}
TAILQ_INIT(&sn->sn_tdb_q);
+#if defined(IPSEC)
while ((tdb = TAILQ_FIRST(&sc->sc_tdb_q)) != NULL) {
TAILQ_REMOVE(&sc->sc_tdb_q, tdb, tdb_sync_entry);
TAILQ_INSERT_TAIL(&sn->sn_tdb_q, tdb, tdb_sync_snap);
@@ -1611,6 +1614,7 @@ pfsync_grab_snapshot(struct pfsync_snaps
SET(tdb->tdb_flags, TDBF_PFSYNC_SNAPPED);
mtx_leave(&tdb->tdb_mtx);
}
+#endif
sn->sn_len = sc->sc_len;
sc->sc_len = PFSYNC_MINPKT;
@@ -1630,7 +1634,9 @@ pfsync_drop_snapshot(struct pfsync_snaps
{
struct pf_state *st;
struct pfsync_upd_req_item *ur;
+#if defined(IPSEC)
struct tdb *t;
+#endif
int q;
for (q = 0; q < PFSYNC_S_COUNT; q++) {
@@ -1652,6 +1658,7 @@ pfsync_drop_snapshot(struct pfsync_snaps
pool_put(&sn->sn_sc->sc_pool, ur);
}
+#if defined(IPSEC)
while ((t = TAILQ_FIRST(&sn->sn_tdb_q)) != NULL) {
TAILQ_REMOVE(&sn->sn_tdb_q, t, tdb_sync_snap);
mtx_enter(&t->tdb_mtx);
@@ -1660,6 +1667,7 @@ pfsync_drop_snapshot(struct pfsync_snaps
CLR(t->tdb_flags, TDBF_PFSYNC);
mtx_leave(&t->tdb_mtx);
}
+#endif
}
int
@@ -1748,7 +1756,6 @@ pfsync_sendout(void)
struct pfsync_subheader *subh;
struct pf_state *st;
struct pfsync_upd_req_item *ur;
- struct tdb *t;
int offset;
int q, count = 0;
@@ -1842,7 +1849,10 @@ pfsync_sendout(void)
sn.sn_plus = NULL; /* XXX memory leak ? */
}
+#if defined(IPSEC)
if (!TAILQ_EMPTY(&sn.sn_tdb_q)) {
+ struct tdb *t;
+
subh = (struct pfsync_subheader *)(m->m_data + offset);
offset += sizeof(*subh);
@@ -1865,6 +1875,7 @@ pfsync_sendout(void)
subh->len = sizeof(struct pfsync_tdb) >> 2;
subh->count = htons(count);
}
+#endif
/* walk the queues */
for (q = 0; q < PFSYNC_S_COUNT; q++) {
@@ -2486,6 +2497,7 @@ pfsync_q_del(struct pf_state *st)
pf_state_unref(st);
}
+#if defined(IPSEC)
void
pfsync_update_tdb(struct tdb *t, int output)
{
@@ -2540,7 +2552,9 @@ pfsync_update_tdb(struct tdb *t, int out
CLR(t->tdb_flags, TDBF_PFSYNC_RPL);
mtx_leave(&t->tdb_mtx);
}
+#endif
+#if defined(IPSEC)
void
pfsync_delete_tdb(struct tdb *t)
{
@@ -2576,6 +2590,7 @@ pfsync_delete_tdb(struct tdb *t)
tdb_unref(t);
}
+#endif
void
pfsync_out_tdb(struct tdb *t, void *buf)
Index: netinet/ip_ipsp.c
===================================================================
RCS file: /mount/openbsd/cvs/src/sys/netinet/ip_ipsp.c,v
retrieving revision 1.273
diff -u -p -r1.273 ip_ipsp.c
--- netinet/ip_ipsp.c 6 Aug 2022 15:57:59 -0000 1.273
+++ netinet/ip_ipsp.c 2 Nov 2022 12:09:22 -0000
@@ -1081,7 +1081,7 @@ tdb_free(struct tdb *tdbp)
tdbp->tdb_xform = NULL;
}
-#if NPFSYNC > 0
+#if NPFSYNC > 0 && defined(IPSEC)
/* Cleanup pfsync references */
pfsync_delete_tdb(tdbp);
#endif
