Module Name: src
Committed By: knakahara
Date: Fri Nov 1 04:23:21 UTC 2019
Modified Files:
src/sys/netinet6: ip6_forward.c ip6_output.c
src/sys/netipsec: ipsec.h ipsec6.h ipsec_output.c xform.h xform_ah.c
xform_esp.c xform_ipcomp.c xform_ipip.c xform_tcp.c
Log Message:
Fix ipsecif(4) IPV6_MINMTU does not work correctly.
To generate a diff of this commit:
cvs rdiff -u -r1.97 -r1.98 src/sys/netinet6/ip6_forward.c
cvs rdiff -u -r1.220 -r1.221 src/sys/netinet6/ip6_output.c
cvs rdiff -u -r1.88 -r1.89 src/sys/netipsec/ipsec.h
cvs rdiff -u -r1.29 -r1.30 src/sys/netipsec/ipsec6.h
cvs rdiff -u -r1.83 -r1.84 src/sys/netipsec/ipsec_output.c
cvs rdiff -u -r1.20 -r1.21 src/sys/netipsec/xform.h
cvs rdiff -u -r1.108 -r1.109 src/sys/netipsec/xform_ah.c
cvs rdiff -u -r1.98 -r1.99 src/sys/netipsec/xform_esp.c
cvs rdiff -u -r1.68 -r1.69 src/sys/netipsec/xform_ipcomp.c
cvs rdiff -u -r1.76 -r1.77 src/sys/netipsec/xform_ipip.c
cvs rdiff -u -r1.23 -r1.24 src/sys/netipsec/xform_tcp.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/sys/netinet6/ip6_forward.c
diff -u src/sys/netinet6/ip6_forward.c:1.97 src/sys/netinet6/ip6_forward.c:1.98
--- src/sys/netinet6/ip6_forward.c:1.97 Thu Sep 19 04:08:29 2019
+++ src/sys/netinet6/ip6_forward.c Fri Nov 1 04:23:21 2019
@@ -1,4 +1,4 @@
-/* $NetBSD: ip6_forward.c,v 1.97 2019/09/19 04:08:29 ozaki-r Exp $ */
+/* $NetBSD: ip6_forward.c,v 1.98 2019/11/01 04:23:21 knakahara Exp $ */
/* $KAME: ip6_forward.c,v 1.109 2002/09/11 08:10:17 sakane Exp $ */
/*
@@ -31,7 +31,7 @@
*/
#include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: ip6_forward.c,v 1.97 2019/09/19 04:08:29 ozaki-r Exp $");
+__KERNEL_RCSID(0, "$NetBSD: ip6_forward.c,v 1.98 2019/11/01 04:23:21 knakahara Exp $");
#ifdef _KERNEL_OPT
#include "opt_gateway.h"
@@ -261,7 +261,7 @@ ip6_forward(struct mbuf *m, int srcrt)
*/
if (needipsec) {
int s = splsoftnet();
- error = ipsec6_process_packet(m, sp->req);
+ error = ipsec6_process_packet(m, sp->req, 0);
splx(s);
/* m is freed */
if (mcopy)
Index: src/sys/netinet6/ip6_output.c
diff -u src/sys/netinet6/ip6_output.c:1.220 src/sys/netinet6/ip6_output.c:1.221
--- src/sys/netinet6/ip6_output.c:1.220 Wed May 15 02:59:18 2019
+++ src/sys/netinet6/ip6_output.c Fri Nov 1 04:23:21 2019
@@ -1,4 +1,4 @@
-/* $NetBSD: ip6_output.c,v 1.220 2019/05/15 02:59:18 ozaki-r Exp $ */
+/* $NetBSD: ip6_output.c,v 1.221 2019/11/01 04:23:21 knakahara Exp $ */
/* $KAME: ip6_output.c,v 1.172 2001/03/25 09:55:56 itojun Exp $ */
/*
@@ -62,7 +62,7 @@
*/
#include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: ip6_output.c,v 1.220 2019/05/15 02:59:18 ozaki-r Exp $");
+__KERNEL_RCSID(0, "$NetBSD: ip6_output.c,v 1.221 2019/11/01 04:23:21 knakahara Exp $");
#ifdef _KERNEL_OPT
#include "opt_inet.h"
@@ -477,7 +477,7 @@ ip6_output(
#ifdef IPSEC
if (needipsec) {
int s = splsoftnet();
- error = ipsec6_process_packet(m, sp->req);
+ error = ipsec6_process_packet(m, sp->req, flags);
splx(s);
/*
Index: src/sys/netipsec/ipsec.h
diff -u src/sys/netipsec/ipsec.h:1.88 src/sys/netipsec/ipsec.h:1.89
--- src/sys/netipsec/ipsec.h:1.88 Wed Jun 12 22:23:50 2019
+++ src/sys/netipsec/ipsec.h Fri Nov 1 04:23:21 2019
@@ -1,4 +1,4 @@
-/* $NetBSD: ipsec.h,v 1.88 2019/06/12 22:23:50 christos Exp $ */
+/* $NetBSD: ipsec.h,v 1.89 2019/11/01 04:23:21 knakahara Exp $ */
/* $FreeBSD: ipsec.h,v 1.2.4.2 2004/02/14 22:23:23 bms Exp $ */
/* $KAME: ipsec.h,v 1.53 2001/11/20 08:32:38 itojun Exp $ */
@@ -318,7 +318,7 @@ void ipsec4_common_input(struct mbuf *m,
int ipsec4_common_input_cb(struct mbuf *, struct secasvar *, int, int);
int ipsec4_process_packet(struct mbuf *, const struct ipsecrequest *, u_long *);
int ipsec_process_done(struct mbuf *, const struct ipsecrequest *,
- struct secasvar *);
+ struct secasvar *, int);
struct mbuf *m_clone(struct mbuf *);
struct mbuf *m_makespace(struct mbuf *, int, int, int *);
Index: src/sys/netipsec/ipsec6.h
diff -u src/sys/netipsec/ipsec6.h:1.29 src/sys/netipsec/ipsec6.h:1.30
--- src/sys/netipsec/ipsec6.h:1.29 Mon May 14 17:34:26 2018
+++ src/sys/netipsec/ipsec6.h Fri Nov 1 04:23:21 2019
@@ -1,4 +1,4 @@
-/* $NetBSD: ipsec6.h,v 1.29 2018/05/14 17:34:26 maxv Exp $ */
+/* $NetBSD: ipsec6.h,v 1.30 2019/11/01 04:23:21 knakahara Exp $ */
/* $FreeBSD: ipsec6.h,v 1.1.4.1 2003/01/24 05:11:35 sam Exp $ */
/* $KAME: ipsec.h,v 1.44 2001/03/23 08:08:47 itojun Exp $ */
@@ -59,7 +59,7 @@ void *ah6_ctlinput(int, const struct soc
struct m_tag;
int ipsec6_common_input(struct mbuf **, int *, int);
int ipsec6_common_input_cb(struct mbuf *, struct secasvar *, int, int);
-int ipsec6_process_packet(struct mbuf *, const struct ipsecrequest *);
+int ipsec6_process_packet(struct mbuf *, const struct ipsecrequest *, int);
#endif /*_KERNEL*/
#endif /* !_NETIPSEC_IPSEC6_H_ */
Index: src/sys/netipsec/ipsec_output.c
diff -u src/sys/netipsec/ipsec_output.c:1.83 src/sys/netipsec/ipsec_output.c:1.84
--- src/sys/netipsec/ipsec_output.c:1.83 Thu Sep 19 04:08:30 2019
+++ src/sys/netipsec/ipsec_output.c Fri Nov 1 04:23:21 2019
@@ -1,4 +1,4 @@
-/* $NetBSD: ipsec_output.c,v 1.83 2019/09/19 04:08:30 ozaki-r Exp $ */
+/* $NetBSD: ipsec_output.c,v 1.84 2019/11/01 04:23:21 knakahara Exp $ */
/*
* Copyright (c) 2002, 2003 Sam Leffler, Errno Consulting
@@ -29,7 +29,7 @@
*/
#include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: ipsec_output.c,v 1.83 2019/09/19 04:08:30 ozaki-r Exp $");
+__KERNEL_RCSID(0, "$NetBSD: ipsec_output.c,v 1.84 2019/11/01 04:23:21 knakahara Exp $");
#if defined(_KERNEL_OPT)
#include "opt_inet.h"
@@ -105,7 +105,7 @@ ipsec_register_done(struct mbuf *m, int
}
static int
-ipsec_reinject_ipstack(struct mbuf *m, int af)
+ipsec_reinject_ipstack(struct mbuf *m, int af, int flags)
{
int rv = -1;
struct route *ro;
@@ -127,7 +127,7 @@ ipsec_reinject_ipstack(struct mbuf *m, i
* We don't need massage, IPv6 header fields are always in
* net endian.
*/
- rv = ip6_output(m, NULL, ro, 0, NULL, NULL, NULL);
+ rv = ip6_output(m, NULL, ro, flags, NULL, NULL, NULL);
break;
#endif
}
@@ -139,7 +139,7 @@ ipsec_reinject_ipstack(struct mbuf *m, i
int
ipsec_process_done(struct mbuf *m, const struct ipsecrequest *isr,
- struct secasvar *sav)
+ struct secasvar *sav, int flags)
{
struct secasindex *saidx;
int error;
@@ -259,7 +259,7 @@ ipsec_process_done(struct mbuf *m, const
#endif
#ifdef INET6
case AF_INET6:
- return ipsec6_process_packet(m, isr->next);
+ return ipsec6_process_packet(m, isr->next, flags);
#endif
default:
IPSECLOG(LOG_DEBUG, "unknown protocol family %u\n",
@@ -278,7 +278,7 @@ ipsec_process_done(struct mbuf *m, const
if (ipsec_register_done(m, &error) < 0)
goto bad;
- return ipsec_reinject_ipstack(m, saidx->dst.sa.sa_family);
+ return ipsec_reinject_ipstack(m, saidx->dst.sa.sa_family, flags);
bad:
m_freem(m);
@@ -507,7 +507,7 @@ ipsec4_process_packet(struct mbuf *m, co
goto bad;
splx(s);
- return ipsec_reinject_ipstack(m, AF_INET);
+ return ipsec_reinject_ipstack(m, AF_INET, 0);
}
}
KASSERT(sav != NULL);
@@ -628,9 +628,9 @@ noneed:
i = sizeof(struct ip6_hdr);
off = offsetof(struct ip6_hdr, ip6_nxt);
}
- error = (*sav->tdb_xform->xf_output)(m, isr, sav, i, off);
+ error = (*sav->tdb_xform->xf_output)(m, isr, sav, i, off, 0);
} else {
- error = ipsec_process_done(m, isr, sav);
+ error = ipsec_process_done(m, isr, sav, 0);
}
KEY_SA_UNREF(&sav);
splx(s);
@@ -734,7 +734,7 @@ in6_sa_equal_addrwithscope(const struct
}
int
-ipsec6_process_packet(struct mbuf *m, const struct ipsecrequest *isr)
+ipsec6_process_packet(struct mbuf *m, const struct ipsecrequest *isr, int flags)
{
struct secasvar *sav = NULL;
struct ip6_hdr *ip6;
@@ -757,7 +757,7 @@ ipsec6_process_packet(struct mbuf *m, co
goto bad;
splx(s);
- return ipsec_reinject_ipstack(m, AF_INET6);
+ return ipsec_reinject_ipstack(m, AF_INET6, flags);
}
}
@@ -821,7 +821,7 @@ ipsec6_process_packet(struct mbuf *m, co
if (error)
goto unrefsav;
}
- error = (*sav->tdb_xform->xf_output)(m, isr, sav, i, off);
+ error = (*sav->tdb_xform->xf_output)(m, isr, sav, i, off, flags);
KEY_SA_UNREF(&sav);
splx(s);
return error;
Index: src/sys/netipsec/xform.h
diff -u src/sys/netipsec/xform.h:1.20 src/sys/netipsec/xform.h:1.21
--- src/sys/netipsec/xform.h:1.20 Wed May 30 17:17:11 2018
+++ src/sys/netipsec/xform.h Fri Nov 1 04:23:21 2019
@@ -1,4 +1,4 @@
-/* $NetBSD: xform.h,v 1.20 2018/05/30 17:17:11 maxv Exp $ */
+/* $NetBSD: xform.h,v 1.21 2019/11/01 04:23:21 knakahara Exp $ */
/* $FreeBSD: xform.h,v 1.1.4.1 2003/01/24 05:11:36 sam Exp $ */
/* $OpenBSD: ip_ipsp.h,v 1.119 2002/03/14 01:27:11 millert Exp $ */
/*
@@ -58,6 +58,7 @@ struct tdb_crypto {
u_int8_t tc_nxt; /* next protocol, e.g. IPV4 */
int tc_protoff; /* current protocol offset */
int tc_skip; /* data offset */
+ int tc_flags; /* outer protocol flags, e.g. IPV6_MINMTU */
struct secasvar *tc_sav; /* ipsec SA */
};
@@ -79,7 +80,7 @@ struct xformsw {
int (*xf_zeroize)(struct secasvar *);
int (*xf_input)(struct mbuf *, struct secasvar *, int, int);
int (*xf_output)(struct mbuf *, const struct ipsecrequest *,
- struct secasvar *, int, int);
+ struct secasvar *, int, int, int);
struct xformsw *xf_next; /* list of registered xforms */
};
Index: src/sys/netipsec/xform_ah.c
diff -u src/sys/netipsec/xform_ah.c:1.108 src/sys/netipsec/xform_ah.c:1.109
--- src/sys/netipsec/xform_ah.c:1.108 Wed Jun 12 22:23:50 2019
+++ src/sys/netipsec/xform_ah.c Fri Nov 1 04:23:21 2019
@@ -1,4 +1,4 @@
-/* $NetBSD: xform_ah.c,v 1.108 2019/06/12 22:23:50 christos Exp $ */
+/* $NetBSD: xform_ah.c,v 1.109 2019/11/01 04:23:21 knakahara Exp $ */
/* $FreeBSD: xform_ah.c,v 1.1.4.1 2003/01/24 05:11:36 sam Exp $ */
/* $OpenBSD: ip_ah.c,v 1.63 2001/06/26 06:18:58 angelos Exp $ */
/*
@@ -39,7 +39,7 @@
*/
#include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: xform_ah.c,v 1.108 2019/06/12 22:23:50 christos Exp $");
+__KERNEL_RCSID(0, "$NetBSD: xform_ah.c,v 1.109 2019/11/01 04:23:21 knakahara Exp $");
#if defined(_KERNEL_OPT)
#include "opt_inet.h"
@@ -891,7 +891,7 @@ bad:
*/
static int
ah_output(struct mbuf *m, const struct ipsecrequest *isr, struct secasvar *sav,
- int skip, int protoff)
+ int skip, int protoff, int flags)
{
char buf[IPSEC_ADDRSTRLEN];
const struct auth_hash *ahx;
@@ -1114,6 +1114,7 @@ ah_output(struct mbuf *m, const struct i
tc->tc_proto = sav->sah->saidx.proto;
tc->tc_skip = skip;
tc->tc_protoff = protoff;
+ tc->tc_flags = flags;
tc->tc_sav = sav;
return crypto_dispatch(crp);
@@ -1143,7 +1144,7 @@ ah_output_cb(struct cryptop *crp)
struct secasvar *sav;
struct mbuf *m;
void *ptr;
- int err;
+ int err, flags;
size_t size;
bool pool_used;
IPSEC_DECLARE_LOCK_VARIABLE;
@@ -1185,6 +1186,7 @@ ah_output_cb(struct cryptop *crp)
*/
m_copyback(m, 0, skip, ptr);
+ flags = tc->tc_flags;
/* No longer needed. */
if (__predict_true(pool_used))
pool_cache_put(ah_tdb_crypto_pool_cache, tc);
@@ -1207,7 +1209,7 @@ ah_output_cb(struct cryptop *crp)
#endif
/* NB: m is reclaimed by ipsec_process_done. */
- err = ipsec_process_done(m, isr, sav);
+ err = ipsec_process_done(m, isr, sav, flags);
KEY_SA_UNREF(&sav);
KEY_SP_UNREF(&isr->sp);
IPSEC_RELEASE_GLOBAL_LOCKS();
Index: src/sys/netipsec/xform_esp.c
diff -u src/sys/netipsec/xform_esp.c:1.98 src/sys/netipsec/xform_esp.c:1.99
--- src/sys/netipsec/xform_esp.c:1.98 Wed Jun 12 22:23:50 2019
+++ src/sys/netipsec/xform_esp.c Fri Nov 1 04:23:21 2019
@@ -1,4 +1,4 @@
-/* $NetBSD: xform_esp.c,v 1.98 2019/06/12 22:23:50 christos Exp $ */
+/* $NetBSD: xform_esp.c,v 1.99 2019/11/01 04:23:21 knakahara Exp $ */
/* $FreeBSD: xform_esp.c,v 1.2.2.1 2003/01/24 05:11:36 sam Exp $ */
/* $OpenBSD: ip_esp.c,v 1.69 2001/06/26 06:18:59 angelos Exp $ */
@@ -39,7 +39,7 @@
*/
#include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: xform_esp.c,v 1.98 2019/06/12 22:23:50 christos Exp $");
+__KERNEL_RCSID(0, "$NetBSD: xform_esp.c,v 1.99 2019/11/01 04:23:21 knakahara Exp $");
#if defined(_KERNEL_OPT)
#include "opt_inet.h"
@@ -686,7 +686,7 @@ bad:
*/
static int
esp_output(struct mbuf *m, const struct ipsecrequest *isr, struct secasvar *sav,
- int skip, int protoff)
+ int skip, int protoff, int flags)
{
char buf[IPSEC_ADDRSTRLEN];
const struct enc_xform *espx;
@@ -905,6 +905,7 @@ esp_output(struct mbuf *m, const struct
tc->tc_spi = sav->spi;
tc->tc_dst = saidx->dst;
tc->tc_proto = saidx->proto;
+ tc->tc_flags = flags;
tc->tc_sav = sav;
/* Crypto operation descriptor. */
@@ -954,7 +955,7 @@ esp_output_cb(struct cryptop *crp)
const struct ipsecrequest *isr;
struct secasvar *sav;
struct mbuf *m;
- int err, error;
+ int err, error, flags;
IPSEC_DECLARE_LOCK_VARIABLE;
KASSERT(crp->crp_opaque != NULL);
@@ -987,6 +988,7 @@ esp_output_cb(struct cryptop *crp)
if (sav->tdb_authalgxform != NULL)
AH_STATINC(AH_STAT_HIST + ah_stats[sav->alg_auth]);
+ flags = tc->tc_flags;
/* Release crypto descriptors. */
pool_cache_put(esp_tdb_crypto_pool_cache, tc);
crypto_freereq(crp);
@@ -1010,7 +1012,7 @@ esp_output_cb(struct cryptop *crp)
#endif
/* NB: m is reclaimed by ipsec_process_done. */
- err = ipsec_process_done(m, isr, sav);
+ err = ipsec_process_done(m, isr, sav, flags);
KEY_SA_UNREF(&sav);
KEY_SP_UNREF(&isr->sp);
IPSEC_RELEASE_GLOBAL_LOCKS();
Index: src/sys/netipsec/xform_ipcomp.c
diff -u src/sys/netipsec/xform_ipcomp.c:1.68 src/sys/netipsec/xform_ipcomp.c:1.69
--- src/sys/netipsec/xform_ipcomp.c:1.68 Wed Jun 12 22:23:50 2019
+++ src/sys/netipsec/xform_ipcomp.c Fri Nov 1 04:23:21 2019
@@ -1,4 +1,4 @@
-/* $NetBSD: xform_ipcomp.c,v 1.68 2019/06/12 22:23:50 christos Exp $ */
+/* $NetBSD: xform_ipcomp.c,v 1.69 2019/11/01 04:23:21 knakahara Exp $ */
/* $FreeBSD: xform_ipcomp.c,v 1.1.4.1 2003/01/24 05:11:36 sam Exp $ */
/* $OpenBSD: ip_ipcomp.c,v 1.1 2001/07/05 12:08:52 jjbg Exp $ */
@@ -30,7 +30,7 @@
*/
#include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: xform_ipcomp.c,v 1.68 2019/06/12 22:23:50 christos Exp $");
+__KERNEL_RCSID(0, "$NetBSD: xform_ipcomp.c,v 1.69 2019/11/01 04:23:21 knakahara Exp $");
/* IP payload compression protocol (IPComp), see RFC 2393 */
#if defined(_KERNEL_OPT)
@@ -366,7 +366,7 @@ bad:
*/
static int
ipcomp_output(struct mbuf *m, const struct ipsecrequest *isr,
- struct secasvar *sav, int skip, int protoff)
+ struct secasvar *sav, int skip, int protoff, int flags)
{
char buf[IPSEC_ADDRSTRLEN];
const struct comp_algo *ipcompx;
@@ -385,7 +385,7 @@ ipcomp_output(struct mbuf *m, const stru
/* Don't process the packet if it is too short */
if (ralen < ipcompx->minlen) {
IPCOMP_STATINC(IPCOMP_STAT_MINLEN);
- return ipsec_process_done(m, isr, sav);
+ return ipsec_process_done(m, isr, sav, 0);
}
hlen = IPCOMP_HLENGTH;
@@ -495,6 +495,7 @@ ipcomp_output(struct mbuf *m, const stru
tc->tc_proto = sav->sah->saidx.proto;
tc->tc_skip = skip;
tc->tc_protoff = protoff;
+ tc->tc_flags = flags;
tc->tc_sav = sav;
/* Crypto operation descriptor */
@@ -524,7 +525,7 @@ ipcomp_output_cb(struct cryptop *crp)
const struct ipsecrequest *isr;
struct secasvar *sav;
struct mbuf *m, *mo;
- int error, skip, rlen, roff;
+ int error, skip, rlen, roff, flags;
uint8_t prot;
uint16_t cpi;
struct ipcomp * ipcomp;
@@ -629,12 +630,13 @@ ipcomp_output_cb(struct cryptop *crp)
"and compressed size is %d\n", rlen, crp->crp_olen);
}
+ flags = tc->tc_flags;
/* Release the crypto descriptor */
pool_cache_put(ipcomp_tdb_crypto_pool_cache, tc);
crypto_freereq(crp);
/* NB: m is reclaimed by ipsec_process_done. */
- error = ipsec_process_done(m, isr, sav);
+ error = ipsec_process_done(m, isr, sav, flags);
KEY_SA_UNREF(&sav);
KEY_SP_UNREF(&isr->sp);
IPSEC_RELEASE_GLOBAL_LOCKS();
Index: src/sys/netipsec/xform_ipip.c
diff -u src/sys/netipsec/xform_ipip.c:1.76 src/sys/netipsec/xform_ipip.c:1.77
--- src/sys/netipsec/xform_ipip.c:1.76 Wed Jun 12 22:23:50 2019
+++ src/sys/netipsec/xform_ipip.c Fri Nov 1 04:23:21 2019
@@ -1,4 +1,4 @@
-/* $NetBSD: xform_ipip.c,v 1.76 2019/06/12 22:23:50 christos Exp $ */
+/* $NetBSD: xform_ipip.c,v 1.77 2019/11/01 04:23:21 knakahara Exp $ */
/* $FreeBSD: xform_ipip.c,v 1.3.2.1 2003/01/24 05:11:36 sam Exp $ */
/* $OpenBSD: ip_ipip.c,v 1.25 2002/06/10 18:04:55 itojun Exp $ */
@@ -39,7 +39,7 @@
*/
#include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: xform_ipip.c,v 1.76 2019/06/12 22:23:50 christos Exp $");
+__KERNEL_RCSID(0, "$NetBSD: xform_ipip.c,v 1.77 2019/11/01 04:23:21 knakahara Exp $");
#if defined(_KERNEL_OPT)
#include "opt_inet.h"
@@ -575,7 +575,7 @@ ipe4_input(struct mbuf *m, struct secasv
static int
ipe4_output(struct mbuf *m, const struct ipsecrequest *isr,
- struct secasvar *sav, int skip, int protoff)
+ struct secasvar *sav, int skip, int protoff, int flags)
{
panic("%s: should not have been called", __func__);
}
Index: src/sys/netipsec/xform_tcp.c
diff -u src/sys/netipsec/xform_tcp.c:1.23 src/sys/netipsec/xform_tcp.c:1.24
--- src/sys/netipsec/xform_tcp.c:1.23 Wed Jun 12 22:23:50 2019
+++ src/sys/netipsec/xform_tcp.c Fri Nov 1 04:23:21 2019
@@ -1,4 +1,4 @@
-/* $NetBSD: xform_tcp.c,v 1.23 2019/06/12 22:23:50 christos Exp $ */
+/* $NetBSD: xform_tcp.c,v 1.24 2019/11/01 04:23:21 knakahara Exp $ */
/* $FreeBSD: xform_tcp.c,v 1.1.2.1 2004/02/14 22:24:09 bms Exp $ */
/*
@@ -34,7 +34,7 @@
*/
#include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: xform_tcp.c,v 1.23 2019/06/12 22:23:50 christos Exp $");
+__KERNEL_RCSID(0, "$NetBSD: xform_tcp.c,v 1.24 2019/11/01 04:23:21 knakahara Exp $");
#if defined(_KERNEL_OPT)
#include "opt_inet.h"
@@ -132,7 +132,7 @@ tcpsignature_input(struct mbuf *m, struc
static int
tcpsignature_output(struct mbuf *m, const struct ipsecrequest *isr,
- struct secasvar *sav, int skip, int protoff)
+ struct secasvar *sav, int skip, int protoff, int flags)
{
panic("%s: should not have been called", __func__);
}
