diff options
| author |   bluhm <bluhm@openbsd.org> | 2018-05-14 15:24:23 +0000 |
|---|---|---|
| committer | bluhm <bluhm@openbsd.org> | 2018-05-14 15:24:23 +0000 |
| commit | 0f54ff79ba0cd55b36a32959ce7d31cbf4aa7dd3 (patch) | |
| tree | 4f5ff6d2ce854d6a00e56ac56b64eebdd51adcea /sys/netinet/udp_usrreq.c | |
| parent | kill corrupt / uncorrupt queue mechanism as it has never been usable and it (diff) | |
| download | wireguard-openbsd-0f54ff79ba0cd55b36a32959ce7d31cbf4aa7dd3.tar.xz wireguard-openbsd-0f54ff79ba0cd55b36a32959ce7d31cbf4aa7dd3.zip | |
When checking the IPsec enable sysctls, ipsec_common_input() had
switches for protocol and address family. Move this code to the
specific functions from where the common function is called.
As a consequence the raw ip input functions can never be called
from udp_input() anymore. If IPsec is disabled, the functions
ah6_input(), esp6_input(), and ipcomp6_input() do not start processing
the header chain. The raw ip input functions are called with the
mbuf and offset pointers from the protocol walking loop which is
the usual behavior.
OK mpi@ markus@
Diffstat (limited to 'sys/netinet/udp_usrreq.c')
| -rw-r--r-- | sys/netinet/udp_usrreq.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/sys/netinet/udp_usrreq.c b/sys/netinet/udp_usrreq.c index 4c113c025a8..f08e8dc2018 100644 --- a/sys/netinet/udp_usrreq.c +++ b/sys/netinet/udp_usrreq.c @@ -1,4 +1,4 @@ -/* $OpenBSD: udp_usrreq.c,v 1.247 2018/04/24 15:40:55 pirofti Exp $ */ +/* $OpenBSD: udp_usrreq.c,v 1.248 2018/05/14 15:24:23 bluhm Exp $ */ /* $NetBSD: udp_usrreq.c,v 1.28 1996/03/16 23:54:03 christos Exp $ */ /* @@ -270,7 +270,7 @@ udp_input(struct mbuf **mp, int *offp, int proto, int af) } #ifdef IPSEC - if (udpencap_enable && udpencap_port && + if (udpencap_enable && udpencap_port && esp_enable && #if NPF > 0 !(m->m_pkthdr.pf.flags & PF_TAG_DIVERTED) && #endif |