From owner-svn-src-all@FreeBSD.ORG Mon Oct 22 22:42:29 2012 Return-Path: Delivered-To: svn-src-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 8B456827; Mon, 22 Oct 2012 22:42:29 +0000 (UTC) (envelope-from glebius@FreeBSD.org) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:4f8:fff6::2c]) by mx1.freebsd.org (Postfix) with ESMTP id 566738FC14; Mon, 22 Oct 2012 22:42:29 +0000 (UTC) Received: from svn.freebsd.org (localhost [127.0.0.1]) by svn.freebsd.org (8.14.4/8.14.4) with ESMTP id q9MMgTPu025235; Mon, 22 Oct 2012 22:42:29 GMT (envelope-from glebius@svn.freebsd.org) Received: (from glebius@localhost) by svn.freebsd.org (8.14.4/8.14.4/Submit) id q9MMgTJ6025232; Mon, 22 Oct 2012 22:42:29 GMT (envelope-from glebius@svn.freebsd.org) Message-Id: <201210222242.q9MMgTJ6025232@svn.freebsd.org> From: Gleb Smirnoff Date: Mon, 22 Oct 2012 22:42:29 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: svn commit: r241919 - head/sys/netipsec X-SVN-Group: head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-all@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: "SVN commit messages for the entire src tree \(except for " user" and " projects" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 22 Oct 2012 22:42:29 -0000 Author: glebius Date: Mon Oct 22 22:42:28 2012 New Revision: 241919 URL: http://svn.freebsd.org/changeset/base/241919 Log: Couple of changes missed from r241913, which converted IPv4 stack to network byte order. Modified: head/sys/netipsec/ipsec_output.c head/sys/netipsec/xform_ah.c Modified: head/sys/netipsec/ipsec_output.c ============================================================================== --- head/sys/netipsec/ipsec_output.c Mon Oct 22 22:32:52 2012 (r241918) +++ head/sys/netipsec/ipsec_output.c Mon Oct 22 22:42:28 2012 (r241919) @@ -197,18 +197,14 @@ ipsec_process_done(struct mbuf *m, struc */ switch (saidx->dst.sa.sa_family) { #ifdef INET - struct ip *ip; case AF_INET: - ip = mtod(m, struct ip *); - ip->ip_len = ntohs(ip->ip_len); - ip->ip_off = ntohs(ip->ip_off); - #ifdef IPSEC_NAT_T /* * If NAT-T is enabled, now that all IPsec processing is done * insert UDP encapsulation header after IP header. */ if (sav->natt_type) { + struct ip *ip = mtod(m, struct ip *); #ifdef _IP_VHL const int hlen = IP_VHL_HL(ip->ip_vhl); #else @@ -246,7 +242,7 @@ ipsec_process_done(struct mbuf *m, struc udp->uh_dport = KEY_PORTFROMSADDR(&sav->sah->saidx.dst); udp->uh_sum = 0; udp->uh_ulen = htons(m->m_pkthdr.len - hlen); - ip->ip_len = m->m_pkthdr.len; + ip->ip_len = htons(m->m_pkthdr.len); ip->ip_p = IPPROTO_UDP; if (sav->natt_type == UDP_ENCAP_ESPINUDP_NON_IKE) Modified: head/sys/netipsec/xform_ah.c ============================================================================== --- head/sys/netipsec/xform_ah.c Mon Oct 22 22:32:52 2012 (r241918) +++ head/sys/netipsec/xform_ah.c Mon Oct 22 22:42:28 2012 (r241919) @@ -305,23 +305,13 @@ ah_massage_headers(struct mbuf **m0, int ip->ip_ttl = 0; ip->ip_sum = 0; - /* - * On input, fix ip_len which has been byte-swapped - * at ip_input(). - */ - if (!out) { - ip->ip_len = htons(ip->ip_len + skip); + if (!out) + ip->ip_len = htons(ntohs(ip->ip_len) + skip); - if (alg == CRYPTO_MD5_KPDK || alg == CRYPTO_SHA1_KPDK) - ip->ip_off = htons(ip->ip_off & IP_DF); - else - ip->ip_off = 0; - } else { - if (alg == CRYPTO_MD5_KPDK || alg == CRYPTO_SHA1_KPDK) - ip->ip_off = htons(ntohs(ip->ip_off) & IP_DF); - else - ip->ip_off = 0; - } + if (alg == CRYPTO_MD5_KPDK || alg == CRYPTO_SHA1_KPDK) + ip->ip_off &= htons(IP_DF); + else + ip->ip_off = htons(0); ptr = mtod(m, unsigned char *) + sizeof(struct ip);