Module Name: src
Committed By: maxv
Date: Mon Feb 26 10:19:13 UTC 2018
Modified Files:
src/sys/netipsec: ipsec.c
Log Message:
Reduce the diff between ipsec6_input and ipsec4_input.
To generate a diff of this commit:
cvs rdiff -u -r1.139 -r1.140 src/sys/netipsec/ipsec.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/sys/netipsec/ipsec.c
diff -u src/sys/netipsec/ipsec.c:1.139 src/sys/netipsec/ipsec.c:1.140
--- src/sys/netipsec/ipsec.c:1.139 Mon Feb 26 09:04:29 2018
+++ src/sys/netipsec/ipsec.c Mon Feb 26 10:19:13 2018
@@ -1,4 +1,4 @@
-/* $NetBSD: ipsec.c,v 1.139 2018/02/26 09:04:29 maxv Exp $ */
+/* $NetBSD: ipsec.c,v 1.140 2018/02/26 10:19:13 maxv Exp $ */
/* $FreeBSD: src/sys/netipsec/ipsec.c,v 1.2.2.2 2003/07/01 01:38:13 sam Exp $ */
/* $KAME: ipsec.c,v 1.103 2001/05/24 07:14:18 sakane Exp $ */
@@ -32,7 +32,7 @@
*/
#include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: ipsec.c,v 1.139 2018/02/26 09:04:29 maxv Exp $");
+__KERNEL_RCSID(0, "$NetBSD: ipsec.c,v 1.140 2018/02/26 10:19:13 maxv Exp $");
/*
* IPsec controller part.
@@ -2140,18 +2140,16 @@ ipsec6_input(struct mbuf *m)
s = splsoftnet();
sp = ipsec_getpolicybyaddr(m, IPSEC_DIR_INBOUND, IP_FORWARDING, &error);
- if (sp != NULL) {
- /*
- * Check security policy against packet
- * attributes.
- */
- error = ipsec_sp_reject(sp, m);
- KEY_SP_UNREF(&sp);
- } else {
- /* XXX error stat??? */
- error = EINVAL;
- IPSECLOG(LOG_DEBUG, "no SP, packet discarded\n");/*XXX*/
+ if (sp == NULL) {
+ splx(s);
+ return EINVAL;
}
+
+ /*
+ * Check security policy against packet attributes.
+ */
+ error = ipsec_sp_reject(sp, m);
+ KEY_SP_UNREF(&sp);
splx(s);
return error;
