version 1.137, 2018/02/26 08:42:16 |
version 1.138, 2018/02/26 08:50:25 |
Line 778 ipsec4_forward(struct mbuf *m, int *dest |
|
Line 778 ipsec4_forward(struct mbuf *m, int *dest |
|
} |
} |
|
|
/* Count IPsec header size. */ |
/* Count IPsec header size. */ |
ipsechdr = ipsec4_hdrsiz(m, IPSEC_DIR_OUTBOUND, NULL); |
ipsechdr = ipsec_hdrsiz(m, IPSEC_DIR_OUTBOUND, NULL); |
|
|
/* |
/* |
* Find the correct route for outer IPv4 header, compute tunnel MTU. |
* Find the correct route for outer IPv4 header, compute tunnel MTU. |
Line 1845 ipsec_sp_hdrsiz(const struct secpolicy * |
|
Line 1845 ipsec_sp_hdrsiz(const struct secpolicy * |
|
} |
} |
|
|
size_t |
size_t |
ipsec4_hdrsiz(struct mbuf *m, u_int dir, struct inpcb *inp) |
ipsec_hdrsiz(struct mbuf *m, u_int dir, void *inp) |
{ |
{ |
struct inpcb_hdr *inph = (struct inpcb_hdr *)inp; |
struct inpcb_hdr *inph = (struct inpcb_hdr *)inp; |
struct secpolicy *sp; |
struct secpolicy *sp; |
Line 1872 ipsec4_hdrsiz(struct mbuf *m, u_int dir, |
|
Line 1872 ipsec4_hdrsiz(struct mbuf *m, u_int dir, |
|
return size; |
return size; |
} |
} |
|
|
#ifdef INET6 |
|
size_t |
|
ipsec6_hdrsiz(struct mbuf *m, u_int dir, struct in6pcb *in6p) |
|
{ |
|
struct inpcb_hdr *inph = (struct inpcb_hdr *)in6p; |
|
struct secpolicy *sp; |
|
int error; |
|
size_t size; |
|
|
|
KASSERT(m != NULL); |
|
KASSERTMSG(inph == NULL || inph->inph_socket != NULL, |
|
"socket w/o inpcb"); |
|
|
|
if (inph == NULL) |
|
sp = ipsec_getpolicybyaddr(m, dir, IP_FORWARDING, &error); |
|
else |
|
sp = ipsec_getpolicybysock(m, dir, inph, &error); |
|
|
|
if (sp != NULL) { |
|
size = ipsec_sp_hdrsiz(sp, m); |
|
KEYDEBUG_PRINTF(KEYDEBUG_IPSEC_DATA, "size:%zu.\n", size); |
|
KEY_SP_UNREF(&sp); |
|
} else { |
|
size = 0; |
|
} |
|
|
|
return size; |
|
} |
|
#endif |
|
|
|
/* |
/* |
* Check the variable replay window. |
* Check the variable replay window. |
* ipsec_chkreplay() performs replay check before ICV verification. |
* ipsec_chkreplay() performs replay check before ICV verification. |