Date: Wed, 25 Jan 2017 13:27:19 +0000 (UTC) From: "Andrey V. Elsukov" <ae@FreeBSD.org> To: src-committers@freebsd.org, svn-src-projects@freebsd.org Subject: svn commit: r312753 - in projects/ipsec/sys: netinet netipsec Message-ID: <201701251327.v0PDRJvQ019420@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: ae Date: Wed Jan 25 13:27:18 2017 New Revision: 312753 URL: https://svnweb.freebsd.org/changeset/base/312753 Log: More fixes for NOINET build. Modified: projects/ipsec/sys/netinet/tcp_input.c projects/ipsec/sys/netinet/tcp_output.c projects/ipsec/sys/netipsec/ipsec_input.c projects/ipsec/sys/netipsec/ipsec_output.c Modified: projects/ipsec/sys/netinet/tcp_input.c ============================================================================== --- projects/ipsec/sys/netinet/tcp_input.c Wed Jan 25 13:22:48 2017 (r312752) +++ projects/ipsec/sys/netinet/tcp_input.c Wed Jan 25 13:27:18 2017 (r312753) @@ -929,12 +929,17 @@ findpcb: if (isipv6 && IPSEC_ENABLED(ipv6) && IPSEC_CHECK_POLICY(ipv6, m, inp) != 0) { goto dropunlock; - } else + } +#ifdef INET + else +#endif #endif /* INET6 */ +#ifdef INET if (IPSEC_ENABLED(ipv4) && IPSEC_CHECK_POLICY(ipv4, m, inp) != 0) { goto dropunlock; } +#endif /* INET */ #endif /* IPSEC */ /* Modified: projects/ipsec/sys/netinet/tcp_output.c ============================================================================== --- projects/ipsec/sys/netinet/tcp_output.c Wed Jan 25 13:22:48 2017 (r312752) +++ projects/ipsec/sys/netinet/tcp_output.c Wed Jan 25 13:27:18 2017 (r312753) @@ -557,11 +557,15 @@ after_sack_rexmit: #ifdef INET6 if (isipv6 && IPSEC_ENABLED(ipv6)) ipsec_optlen = IPSEC_HDRSIZE(ipv6, tp->t_inpcb); +#ifdef INET else #endif +#endif /* INET6 */ +#ifdef INET if (IPSEC_ENABLED(ipv4)) ipsec_optlen = IPSEC_HDRSIZE(ipv4, tp->t_inpcb); -#endif +#endif /* INET */ +#endif /* IPSEC */ #ifdef INET6 if (isipv6) ipoptlen = ip6_optlen(tp->t_inpcb); Modified: projects/ipsec/sys/netipsec/ipsec_input.c ============================================================================== --- projects/ipsec/sys/netipsec/ipsec_input.c Wed Jan 25 13:22:48 2017 (r312752) +++ projects/ipsec/sys/netipsec/ipsec_input.c Wed Jan 25 13:27:18 2017 (r312753) @@ -474,7 +474,7 @@ ipsec6_input(struct mbuf *m, int offset, /* * Enforce IPsec policy checking if we are seeing last header. */ - if (ipsec4_in_reject(m, NULL) != 0) { + if (ipsec6_in_reject(m, NULL) != 0) { /* Forbidden by inbound security policy */ m_freem(m); return (EACCES); Modified: projects/ipsec/sys/netipsec/ipsec_output.c ============================================================================== --- projects/ipsec/sys/netipsec/ipsec_output.c Wed Jan 25 13:22:48 2017 (r312752) +++ projects/ipsec/sys/netipsec/ipsec_output.c Wed Jan 25 13:27:18 2017 (r312753) @@ -786,6 +786,7 @@ ipsec_process_done(struct mbuf *m, struc } key_freesp(&sp), sp = NULL; /* Release reference to SP */ +#ifdef INET /* * Do UDP encapsulation if SA requires it. */ @@ -794,6 +795,7 @@ ipsec_process_done(struct mbuf *m, struc if (error != 0) goto bad; } +#endif /* INET */ /* * We're done with IPsec processing, transmit the packet using the * appropriate network protocol (IP or IPv6).
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201701251327.v0PDRJvQ019420>