FreeBSD Mail Archives

Date:      Fri, 30 Nov 2018 11:19:04 +0000 (UTC)
From:      "Andrey V. Elsukov" <ae@FreeBSD.org>
To:        src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-12@freebsd.org
Subject:   svn commit: r341336 - stable/12/sys/net
Message-ID:  <201811301119.wAUBJ41N015082@repo.freebsd.org>

next in thread | raw e-mail | index | archive | help

Author: ae
Date: Fri Nov 30 11:19:04 2018
New Revision: 341336
URL: https://svnweb.freebsd.org/changeset/base/341336

Log:
  MFC r340477:
    Allow configuration of several ipsec interfaces with the same tunnel
    endpoints.
  
    This can be used to configure several IPsec tunnels between two hosts
    with different security associations.
  
    Obtained from:	Yandex LLC
    Sponsored by:	Yandex LLC

Modified:
  stable/12/sys/net/if_ipsec.c
Directory Properties:
  stable/12/   (props changed)

Modified: stable/12/sys/net/if_ipsec.c
==============================================================================
--- stable/12/sys/net/if_ipsec.c	Fri Nov 30 10:50:07 2018	(r341335)
+++ stable/12/sys/net/if_ipsec.c	Fri Nov 30 11:19:04 2018	(r341336)
@@ -968,7 +968,7 @@ static int
 ipsec_set_addresses(struct ifnet *ifp, struct sockaddr *src,
     struct sockaddr *dst)
 {
-	struct ipsec_softc *sc, *tsc;
+	struct ipsec_softc *sc;
 	struct secasindex *saidx;
 
 	sx_assert(&ipsec_ioctl_sx, SA_XLOCKED);
@@ -982,18 +982,6 @@ ipsec_set_addresses(struct ifnet *ifp, struct sockaddr
 		    key_sockaddrcmp(&saidx->dst.sa, dst, 0) == 0)
 			return (0); /* Nothing has been changed. */
 
-	}
-	/* Check that given addresses aren't already configured */
-	CK_LIST_FOREACH(tsc, ipsec_srchash(src), srchash) {
-		if (tsc == sc)
-			continue;
-		MPASS(tsc->family == src->sa_family);
-		saidx = ipsec_getsaidx(tsc, IPSEC_DIR_OUTBOUND, tsc->family);
-		if (key_sockaddrcmp(&saidx->src.sa, src, 0) == 0 &&
-		    key_sockaddrcmp(&saidx->dst.sa, dst, 0) == 0) {
-			/* We already have tunnel with such addresses */
-			return (EADDRNOTAVAIL);
-		}
 	}
 	/* If reqid is not set, generate new one. */
 	if (ipsec_init_reqid(sc) != 0)

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201811301119.wAUBJ41N015082>

Header And Logo

Peripheral Links

Site Navigation

Header And Logo

Peripheral Links

Search

Site Navigation