when dumping policies, skip those attached to a socket.

ok ho
author: hshoexer <hshoexer@openbsd.org> 2005-06-01 11:22:07 +0000
committer: hshoexer <hshoexer@openbsd.org> 2005-06-01 11:22:07 +0000
commit: f40aa9de82bbff66b5761918a601eaad11092457 (patch)
tree: 536321914cda44e46edc2903ecd21af846c1e6a5 /sys/net/pfkeyv2.c
parent: This file is outdated, everything needed for setting up PKI is in the man pages (diff)
download: wireguard-openbsd-f40aa9de82bbff66b5761918a601eaad11092457.tar.xz
wireguard-openbsd-f40aa9de82bbff66b5761918a601eaad11092457.zip
1 files changed, 5 insertions, 1 deletions
diff --git a/sys/net/pfkeyv2.c b/sys/net/pfkeyv2.c
index 189882f58e2..c1a563bc691 100644
--- a/sys/net/pfkeyv2.c
+++ b/sys/net/pfkeyv2.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: pfkeyv2.c,v 1.107 2005/05/28 17:43:25 hshoexer Exp $ */
+/* $OpenBSD: pfkeyv2.c,v 1.108 2005/06/01 11:22:07 hshoexer Exp $ */
 
 /*
  *	@(#)COPYRIGHT	1.1 (NRL) 17 January 1995
@@ -2370,6 +2370,10 @@ pfkeyv2_sysctl_policydumper(struct ipsec_policy *ipo, void *arg)
 	void *buffer = 0;
 	int i, buflen, error = 0;
 
+	/* Do not dump policies attached to a socket. */
+	if (ipo->ipo_flags & IPSP_POLICY_SOCKET)
+		return (0);
+
 	if (w->w_where) {
 		void *headers[SADB_EXT_MAX + 1];
 		struct sadb_msg msg;
author	hshoexer <hshoexer@openbsd.org>	2005-06-01 11:22:07 +0000
committer	hshoexer <hshoexer@openbsd.org>	2005-06-01 11:22:07 +0000
commit	f40aa9de82bbff66b5761918a601eaad11092457 (patch)
tree	536321914cda44e46edc2903ecd21af846c1e6a5 /sys/net/pfkeyv2.c
parent	This file is outdated, everything needed for setting up PKI is in the man pages (diff)
download	wireguard-openbsd-f40aa9de82bbff66b5761918a601eaad11092457.tar.xz wireguard-openbsd-f40aa9de82bbff66b5761918a601eaad11092457.zip