-/* $OpenBSD: ip_output.c,v 1.280 2015/05/13 10:42:46 jsg Exp $ */
+/* $OpenBSD: ip_output.c,v 1.281 2015/05/23 12:52:59 markus Exp $ */
/* $NetBSD: ip_output.c,v 1.28 1996/02/13 23:43:07 christos Exp $ */
/*
goto done_spd;
/* Do we have any pending SAs to apply ? */
- mtag = m_tag_find(m, PACKET_TAG_IPSEC_PENDING_TDB, NULL);
- if (mtag != NULL) {
-#ifdef DIAGNOSTIC
- if (mtag->m_tag_len != sizeof (struct tdb_ident))
- panic("ip_output: tag of length %hu (should be %zu",
- mtag->m_tag_len, sizeof (struct tdb_ident));
-#endif
- tdbi = (struct tdb_ident *)(mtag + 1);
- tdb = gettdb(tdbi->rdomain,
- tdbi->spi, &tdbi->dst, tdbi->proto);
- if (tdb == NULL)
- error = -EINVAL;
- m_tag_delete(m, mtag);
- }
- else
- tdb = ipsp_spd_lookup(m, AF_INET, hlen, &error,
- IPSP_DIRECTION_OUT, NULL, inp, ipsecflowinfo);
+ tdb = ipsp_spd_lookup(m, AF_INET, hlen, &error,
+ IPSP_DIRECTION_OUT, NULL, inp, ipsecflowinfo);
if (tdb == NULL) {
if (error == 0) {
-/* $OpenBSD: ip6_forward.c,v 1.73 2015/04/17 11:04:02 mikeb Exp $ */
+/* $OpenBSD: ip6_forward.c,v 1.74 2015/05/23 12:52:59 markus Exp $ */
/* $KAME: ip6_forward.c,v 1.75 2001/06/29 12:42:13 jinmei Exp $ */
/*
*/
/* Do we have any pending SAs to apply ? */
- mtag = m_tag_find(m, PACKET_TAG_IPSEC_PENDING_TDB, NULL);
- if (mtag != NULL) {
-#ifdef DIAGNOSTIC
- if (mtag->m_tag_len != sizeof (struct tdb_ident))
- panic("ip6_forward: tag of length %hu (should be %zu",
- mtag->m_tag_len, sizeof (struct tdb_ident));
-#endif
- tdbi = (struct tdb_ident *)(mtag + 1);
- tdb = gettdb(tdbi->rdomain, tdbi->spi, &tdbi->dst,
- tdbi->proto);
- if (tdb == NULL)
- error = -EINVAL;
- m_tag_delete(m, mtag);
- } else
- tdb = ipsp_spd_lookup(m, AF_INET6, sizeof(struct ip6_hdr),
- &error, IPSP_DIRECTION_OUT, NULL, NULL, 0);
+ tdb = ipsp_spd_lookup(m, AF_INET6, sizeof(struct ip6_hdr),
+ &error, IPSP_DIRECTION_OUT, NULL, NULL, 0);
if (tdb == NULL) {
if (error == 0) {
-/* $OpenBSD: ip6_output.c,v 1.171 2015/05/13 10:42:47 jsg Exp $ */
+/* $OpenBSD: ip6_output.c,v 1.172 2015/05/23 12:52:59 markus Exp $ */
/* $KAME: ip6_output.c,v 1.172 2001/03/25 09:55:56 itojun Exp $ */
/*
ip6 = mtod(m, struct ip6_hdr *);
/* Do we have any pending SAs to apply ? */
- mtag = m_tag_find(m, PACKET_TAG_IPSEC_PENDING_TDB, NULL);
- if (mtag != NULL) {
-#ifdef DIAGNOSTIC
- if (mtag->m_tag_len != sizeof (struct tdb_ident))
- panic("ip6_output: tag of length %hu (should be %zu",
- mtag->m_tag_len, sizeof (struct tdb_ident));
-#endif
- tdbi = (struct tdb_ident *)(mtag + 1);
- tdb = gettdb(tdbi->rdomain, tdbi->spi, &tdbi->dst, tdbi->proto);
- if (tdb == NULL)
- error = -EINVAL;
- m_tag_delete(m, mtag);
- } else
- tdb = ipsp_spd_lookup(m, AF_INET6, sizeof(struct ip6_hdr),
- &error, IPSP_DIRECTION_OUT, NULL, inp, 0);
+ tdb = ipsp_spd_lookup(m, AF_INET6, sizeof(struct ip6_hdr),
+ &error, IPSP_DIRECTION_OUT, NULL, inp, 0);
if (tdb == NULL) {
if (error == 0) {
-/* $OpenBSD: mbuf.h,v 1.190 2015/04/17 11:04:02 mikeb Exp $ */
+/* $OpenBSD: mbuf.h,v 1.191 2015/05/23 12:52:59 markus Exp $ */
/* $NetBSD: mbuf.h,v 1.19 1996/02/09 18:25:14 christos Exp $ */
/*
/* Packet tag types */
#define PACKET_TAG_IPSEC_IN_DONE 0x0001 /* IPsec applied, in */
#define PACKET_TAG_IPSEC_OUT_DONE 0x0002 /* IPsec applied, out */
-#define PACKET_TAG_IPSEC_PENDING_TDB 0x0010 /* Reminder to do IPsec */
#define PACKET_TAG_BRIDGE 0x0020 /* Bridge processing done */
#define PACKET_TAG_GIF 0x0040 /* GIF processing done */
#define PACKET_TAG_GRE 0x0080 /* GRE processing done */
projects / openbsd / commitdiff