Date: Wed, 16 Sep 2009 11:56:45 +0000 (UTC) From: VANHULLEBUS Yvan <vanhu@FreeBSD.org> To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: svn commit: r197250 - head/sys/netipsec Message-ID: <200909161156.n8GBujtd023300@svn.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: vanhu Date: Wed Sep 16 11:56:44 2009 New Revision: 197250 URL: http://svn.freebsd.org/changeset/base/197250 Log: When checking traffic endpoint's adresses families in key_spdadd(), compare them together instead of comparing each one with respective tunnel endpoint. PR: kern/138439 Submitted by: aurelien.ansel@netasq.com Obtained from: NETASQ MFC after: 1 m Modified: head/sys/netipsec/key.c Modified: head/sys/netipsec/key.c ============================================================================== --- head/sys/netipsec/key.c Wed Sep 16 08:38:47 2009 (r197249) +++ head/sys/netipsec/key.c Wed Sep 16 11:56:44 2009 (r197250) @@ -1925,18 +1925,8 @@ key_spdadd(so, m, mhp) return key_senderror(so, m, EINVAL); } #if 1 - if (newsp->req && newsp->req->saidx.src.sa.sa_family) { - struct sockaddr *sa; - sa = (struct sockaddr *)(src0 + 1); - if (sa->sa_family != newsp->req->saidx.src.sa.sa_family) { - _key_delsp(newsp); - return key_senderror(so, m, EINVAL); - } - } - if (newsp->req && newsp->req->saidx.dst.sa.sa_family) { - struct sockaddr *sa; - sa = (struct sockaddr *)(dst0 + 1); - if (sa->sa_family != newsp->req->saidx.dst.sa.sa_family) { + if (newsp->req && newsp->req->saidx.src.sa.sa_family && newsp->req->saidx.dst.sa.sa_family) { + if (newsp->req->saidx.src.sa.sa_family != newsp->req->saidx.dst.sa.sa_family) { _key_delsp(newsp); return key_senderror(so, m, EINVAL); }
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200909161156.n8GBujtd023300>