From: angelos Date: Wed, 29 Mar 2000 08:50:38 +0000 (+0000) Subject: Minor cleanup. X-Git-Url: http://artulab.com/gitweb/?a=commitdiff_plain;h=1c0fccbee617d04fb33725bca0f912ca0bd30b1c;p=openbsd Minor cleanup. --- diff --git a/sys/netinet/ipsec_input.c b/sys/netinet/ipsec_input.c index 7aca77e11cb..5cf8cdb67c5 100644 --- a/sys/netinet/ipsec_input.c +++ b/sys/netinet/ipsec_input.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ipsec_input.c,v 1.20 2000/03/17 10:25:23 angelos Exp $ */ +/* $OpenBSD: ipsec_input.c,v 1.21 2000/03/29 08:50:38 angelos Exp $ */ /* * The authors of this code are John Ioannidis (ji@tla.org), @@ -108,8 +108,7 @@ ipsec_common_input(struct mbuf *m, int skip, int protoff, int af, int sproto) { #define IPSEC_ISTAT(y,z) (sproto == IPPROTO_ESP ? (y)++ : (z)++) - union sockaddr_union src_address, dst_address; - caddr_t sport = 0, dport = 0; + union sockaddr_union dst_address; struct tdb *tdbp; u_int32_t spi; int s; @@ -152,8 +151,6 @@ ipsec_common_input(struct mbuf *m, int skip, int protoff, int af, int sproto) #ifdef INET case AF_INET: dst_address.sin.sin_len = sizeof(struct sockaddr_in); - sport = (caddr_t) &src_address.sin.sin_port; - dport = (caddr_t) &dst_address.sin.sin_port; m_copydata(m, offsetof(struct ip, ip_dst), sizeof(struct in_addr), (caddr_t) &(dst_address.sin.sin_addr)); break; @@ -162,8 +159,6 @@ ipsec_common_input(struct mbuf *m, int skip, int protoff, int af, int sproto) #ifdef INET6 case AF_INET6: dst_address.sin6.sin6_len = sizeof(struct sockaddr_in6); - sport = (caddr_t) &src_address.sin6.sin6_port; - dport = (caddr_t) &dst_address.sin6.sin6_port; m_copydata(m, offsetof(struct ip6_hdr, ip6_dst), sizeof(struct in6_addr), (caddr_t) &(dst_address.sin6.sin6_addr)); @@ -192,8 +187,7 @@ ipsec_common_input(struct mbuf *m, int skip, int protoff, int af, int sproto) if (tdbp->tdb_flags & TDBF_INVALID) { splx(s); - DPRINTF(("ipsec_common_input(): attempted to use invalid SA %s/%08x\n", - ipsp_address(dst_address), ntohl(spi))); + DPRINTF(("ipsec_common_input(): attempted to use invalid SA %s/%08x/%u\n", ipsp_address(dst_address), ntohl(spi), tdbp->tdb_sproto)); m_freem(m); IPSEC_ISTAT(espstat.esps_invalid, ahstat.ahs_invalid); return EINVAL; @@ -202,7 +196,7 @@ ipsec_common_input(struct mbuf *m, int skip, int protoff, int af, int sproto) if (tdbp->tdb_xform == NULL) { splx(s); - DPRINTF(("ipsec_common_input(): attempted to use uninitialized SA %s/%08x\n", ipsp_address(dst_address), ntohl(spi))); + DPRINTF(("ipsec_common_input(): attempted to use uninitialized SA %s/%08x/%u\n", ipsp_address(dst_address), ntohl(spi), tdbp->tdb_sproto)); m_freem(m); IPSEC_ISTAT(espstat.esps_noxform, ahstat.ahs_noxform); return ENXIO; @@ -223,7 +217,7 @@ ipsec_common_input(struct mbuf *m, int skip, int protoff, int af, int sproto) /* If we do ingress filtering and the list is empty, quick drop */ if (ipsec_acl && (tdbp->tdb_access == NULL)) { - DPRINTF(("ipsec_common_input(): packet from %s dropped due to empty policy list, SA %s/%08x\n", ipsp_address(src_address), ipsp_address(tdbp->tdb_dst), ntohl(spi))); + DPRINTF(("ipsec_common_input(): packet dropped due to empty policy list, SA %s/%08x/%u\n", ipsp_address(tdbp->tdb_dst), ntohl(spi), tdbp->tdb_sproto)); splx(s); m_freem(m); IPSEC_ISTAT(espstat.esps_pdrops, ahstat.ahs_pdrops); @@ -277,6 +271,8 @@ ipsec_common_input_cb(struct mbuf *m, struct tdb *tdbp, int skip, int protoff) return EINVAL; } + bcopy(&tdbp->tdb_dst, &dst_address, tdbp->tdb_dst.sa.sa_len); + #ifdef INET /* Fix IPv4 header */ if (tdbp->tdb_dst.sa.sa_family == AF_INET) @@ -451,7 +447,7 @@ ipsec_common_input_cb(struct mbuf *m, struct tdb *tdbp, int skip, int protoff) /* Access control */ if (ipsec_acl) { - bzero(&src_address, sizeof(dst_address)); + bzero(&src_address, sizeof(src_address)); src_address.sa.sa_family = af; src_address.sa.sa_len = dst_address.sa.sa_len;