Pass inp_seclevel to ip6_output() in TCP syn cache.

author bluhm <bluhm@openbsd.org>

Thu, 30 Nov 2023 10:21:56 +0000 (10:21 +0000)

committer bluhm <bluhm@openbsd.org>

Thu, 30 Nov 2023 10:21:56 +0000 (10:21 +0000)
author bluhm <bluhm@openbsd.org>
Thu, 30 Nov 2023 10:21:56 +0000 (10:21 +0000)
committer bluhm <bluhm@openbsd.org>
Thu, 30 Nov 2023 10:21:56 +0000 (10:21 +0000)
diff --git a/sys/netinet/tcp_input.c b/sys/netinet/tcp_input.c

index 0354ece..349cadf 100644 (file)
--- a/sys/netinet/tcp_input.c
+++ b/sys/netinet/tcp_input.c
@@ -1,4 +1,4 @@
-/*     $OpenBSD: tcp_input.c,v 1.395 2023/11/29 19:19:25 bluhm Exp $   */
+/*     $OpenBSD: tcp_input.c,v 1.396 2023/11/30 10:21:56 bluhm Exp $   */
  /*     $NetBSD: tcp_input.c,v 1.23 1996/02/13 23:43:44 christos Exp $  */
  
  /*
@@ -4175,7 +4175,7 @@ syn_cache_respond(struct syn_cache *sc, struct mbuf *m, uint64_t now)
                 /* leave flowlabel = 0, it is legal and require no state mgmt */
  
                 error = ip6_output(m, NULL /*XXX*/, &sc->sc_route6, 0,
-                   NULL, NULL);
+                   NULL, inp ? inp->inp_seclevel : NULL);
                 break;
  #endif
         }
author	bluhm <bluhm@openbsd.org>
	Thu, 30 Nov 2023 10:21:56 +0000 (10:21 +0000)
committer	bluhm <bluhm@openbsd.org>
	Thu, 30 Nov 2023 10:21:56 +0000 (10:21 +0000)