From owner-svn-src-all@FreeBSD.ORG Tue Oct 23 08:27:14 2012 Return-Path: Delivered-To: svn-src-all@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 316B4FFC; Tue, 23 Oct 2012 08:27:14 +0000 (UTC) (envelope-from glebius@FreeBSD.org) Received: from cell.glebius.int.ru (glebius.int.ru [81.19.64.117]) by mx1.freebsd.org (Postfix) with ESMTP id 9EB728FC0A; Tue, 23 Oct 2012 08:27:13 +0000 (UTC) Received: from cell.glebius.int.ru (localhost [127.0.0.1]) by cell.glebius.int.ru (8.14.5/8.14.5) with ESMTP id q9N8RB48083216; Tue, 23 Oct 2012 12:27:11 +0400 (MSK) (envelope-from glebius@FreeBSD.org) Received: (from glebius@localhost) by cell.glebius.int.ru (8.14.5/8.14.5/Submit) id q9N8RBNt083215; Tue, 23 Oct 2012 12:27:11 +0400 (MSK) (envelope-from glebius@FreeBSD.org) X-Authentication-Warning: cell.glebius.int.ru: glebius set sender to glebius@FreeBSD.org using -f Date: Tue, 23 Oct 2012 12:27:11 +0400 From: Gleb Smirnoff To: src-committers@FreeBSD.org, svn-src-all@FreeBSD.org, svn-src-head@FreeBSD.org Subject: Re: svn commit: r241922 - head/sys/netipsec Message-ID: <20121023082711.GN70741@FreeBSD.org> References: <201210230822.q9N8M2kT019097@svn.freebsd.org> MIME-Version: 1.0 Content-Type: text/plain; charset=koi8-r Content-Disposition: inline In-Reply-To: <201210230822.q9N8M2kT019097@svn.freebsd.org> User-Agent: Mutt/1.5.21 (2010-09-15) X-BeenThere: svn-src-all@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: "SVN commit messages for the entire src tree \(except for " user" and " projects" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 23 Oct 2012 08:27:14 -0000 On Tue, Oct 23, 2012 at 08:22:02AM +0000, Gleb Smirnoff wrote: T> Author: glebius T> Date: Tue Oct 23 08:22:01 2012 T> New Revision: 241922 T> URL: http://svn.freebsd.org/changeset/base/241922 T> T> Log: T> - Fix one more miss from r241913. T> - Add XXX comment about necessity of the entire block, T> that "fixes up" the IP header. It'll be nice if any IPSEC expert looks into this block and considers its importance. It looks to me that the "fix up" won't be needed at all right after I commit change that fixed ip_input() to not modify ip_len, which I plan to do in several minutes. T> Modified: T> head/sys/netipsec/ipsec_input.c T> T> Modified: head/sys/netipsec/ipsec_input.c T> ============================================================================== T> --- head/sys/netipsec/ipsec_input.c Tue Oct 23 02:20:42 2012 (r241921) T> +++ head/sys/netipsec/ipsec_input.c Tue Oct 23 08:22:01 2012 (r241922) T> @@ -328,7 +328,10 @@ ipsec4_common_input_cb(struct mbuf *m, s T> } T> T> if (skip != 0) { T> - /* Fix IPv4 header */ T> + /* T> + * Fix IPv4 header T> + * XXXGL: do we need this entire block? T> + */ T> if (m->m_len < skip && (m = m_pullup(m, skip)) == NULL) { T> DPRINTF(("%s: processing failed for SA %s/%08lx\n", T> __func__, ipsec_address(&sav->sah->saidx.dst), T> @@ -341,7 +344,6 @@ ipsec4_common_input_cb(struct mbuf *m, s T> T> ip = mtod(m, struct ip *); T> ip->ip_len = htons(m->m_pkthdr.len); T> - ip->ip_off = htons(ip->ip_off); T> ip->ip_sum = 0; T> ip->ip_sum = in_cksum(m, ip->ip_hl << 2); T> } else { -- Totus tuus, Glebius.