diff options
| author |   markus <markus@openbsd.org> | 2005-05-27 18:23:18 +0000 |
|---|---|---|
| committer | markus <markus@openbsd.org> | 2005-05-27 18:23:18 +0000 |
| commit | d30995db88385c94ae6a13572872c40fcc7c8b68 (patch) | |
| tree | 9d15a3e324d0591b9ae1180da468111d82520a57 | |
| parent | Implement SPD (IPsec flow) snapshots. (diff) | |
| download | wireguard-openbsd-d30995db88385c94ae6a13572872c40fcc7c8b68.tar.xz wireguard-openbsd-d30995db88385c94ae6a13572872c40fcc7c8b68.zip | |
comment out unused PACKET_TAG_IPSEC_IN_CRYPTO_DONE code; ok hshoexer
| -rw-r--r-- | sys/netinet/ip_ah.c | 9 | ||||
| -rw-r--r-- | sys/netinet/ip_esp.c | 9 |
2 files changed, 14 insertions, 4 deletions
diff --git a/sys/netinet/ip_ah.c b/sys/netinet/ip_ah.c index ef632660fcb..b6ca4aabb67 100644 --- a/sys/netinet/ip_ah.c +++ b/sys/netinet/ip_ah.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ip_ah.c,v 1.79 2003/08/14 19:00:12 jason Exp $ */ +/* $OpenBSD: ip_ah.c,v 1.80 2005/05/27 18:23:18 markus Exp $ */ /* * The authors of this code are John Ioannidis (ji@tla.org), * Angelos D. Keromytis (kermit@csd.uch.gr) and @@ -494,7 +494,6 @@ int ah_input(struct mbuf *m, struct tdb *tdb, int skip, int protoff) { struct auth_hash *ahx = (struct auth_hash *) tdb->tdb_authalgxform; - struct tdb_ident *tdbi; struct tdb_crypto *tc; struct m_tag *mtag; u_int32_t btsx; @@ -606,10 +605,13 @@ ah_input(struct mbuf *m, struct tdb *tdb, int skip, int protoff) crda->crd_key = tdb->tdb_amxkey; crda->crd_klen = tdb->tdb_amxkeylen * 8; +#ifdef notyet /* Find out if we've already done crypto. */ for (mtag = m_tag_find(m, PACKET_TAG_IPSEC_IN_CRYPTO_DONE, NULL); mtag != NULL; mtag = m_tag_find(m, PACKET_TAG_IPSEC_IN_CRYPTO_DONE, mtag)) { + struct tdb_ident *tdbi; + tdbi = (struct tdb_ident *) (mtag + 1); if (tdbi->proto == tdb->tdb_sproto && tdbi->spi == tdb->tdb_spi && @@ -617,6 +619,9 @@ ah_input(struct mbuf *m, struct tdb *tdb, int skip, int protoff) sizeof(union sockaddr_union))) break; } +#else + mtag = NULL; +#endif /* Allocate IPsec-specific opaque crypto info. */ if (mtag == NULL) diff --git a/sys/netinet/ip_esp.c b/sys/netinet/ip_esp.c index 26f2a1eff29..de2894d89c6 100644 --- a/sys/netinet/ip_esp.c +++ b/sys/netinet/ip_esp.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ip_esp.c,v 1.90 2005/05/25 05:47:53 markus Exp $ */ +/* $OpenBSD: ip_esp.c,v 1.91 2005/05/27 18:23:18 markus Exp $ */ /* * The authors of this code are John Ioannidis (ji@tla.org), * Angelos D. Keromytis (kermit@csd.uch.gr) and @@ -276,7 +276,6 @@ esp_input(struct mbuf *m, struct tdb *tdb, int skip, int protoff) { struct auth_hash *esph = (struct auth_hash *) tdb->tdb_authalgxform; struct enc_xform *espx = (struct enc_xform *) tdb->tdb_encalgxform; - struct tdb_ident *tdbi; struct tdb_crypto *tc; int plen, alen, hlen; struct m_tag *mtag; @@ -368,15 +367,21 @@ esp_input(struct mbuf *m, struct tdb *tdb, int skip, int protoff) tdb->tdb_flags &= ~TDBF_SOFT_BYTES; /* Turn off checking */ } +#ifdef notyet /* Find out if we've already done crypto */ for (mtag = m_tag_find(m, PACKET_TAG_IPSEC_IN_CRYPTO_DONE, NULL); mtag != NULL; mtag = m_tag_find(m, PACKET_TAG_IPSEC_IN_CRYPTO_DONE, mtag)) { + struct tdb_ident *tdbi; + tdbi = (struct tdb_ident *) (mtag + 1); if (tdbi->proto == tdb->tdb_sproto && tdbi->spi == tdb->tdb_spi && !bcmp(&tdbi->dst, &tdb->tdb_dst, sizeof(union sockaddr_union))) break; } +#else + mtag = NULL; +#endif /* Get crypto descriptors */ crp = crypto_getreq(esph && espx ? 2 : 1); |