Date: Thu, 31 Mar 2011 13:14:24 +0000 (UTC) From: Fabien Thomas <fabient@FreeBSD.org> To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: svn commit: r220194 - head/sys/netipsec Message-ID: <201103311314.p2VDEOro007304@svn.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: fabient Date: Thu Mar 31 13:14:24 2011 New Revision: 220194 URL: http://svn.freebsd.org/changeset/base/220194 Log: Fix two SA refcount: - AH does not release the SA like in ESP/IPCOMP when handling EAGAIN - ipsec_process_done incorrectly release the SA. Reviewed by: vanhu MFC after: 1 week Modified: head/sys/netipsec/ipsec_output.c head/sys/netipsec/xform_ah.c Modified: head/sys/netipsec/ipsec_output.c ============================================================================== --- head/sys/netipsec/ipsec_output.c Thu Mar 31 13:06:51 2011 (r220193) +++ head/sys/netipsec/ipsec_output.c Thu Mar 31 13:14:24 2011 (r220194) @@ -247,7 +247,6 @@ ipsec_process_done(struct mbuf *m, struc panic("ipsec_process_done"); bad: m_freem(m); - KEY_FREESAV(&sav); return (error); } Modified: head/sys/netipsec/xform_ah.c ============================================================================== --- head/sys/netipsec/xform_ah.c Thu Mar 31 13:06:51 2011 (r220193) +++ head/sys/netipsec/xform_ah.c Thu Mar 31 13:14:24 2011 (r220194) @@ -785,6 +785,7 @@ ah_input_cb(struct cryptop *crp) sav->tdb_cryptoid = crp->crp_sid; if (crp->crp_etype == EAGAIN) { + KEY_FREESAV(&sav); error = crypto_dispatch(crp); return error; }
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201103311314.p2VDEOro007304>