Module Name: src
Committed By: knakahara
Date: Tue May 29 04:45:50 UTC 2018
Modified Files:
src/sys/net: if_ipsec.c
Log Message:
Reviewd by ohishi@IIJ. Sorry, I jumped the gun and committed.
Fix the following two issues.
- remove extra padding of sizeof(xisr) when adding ipsec policy
- add padding for xpl when adding discard policy
To generate a diff of this commit:
cvs rdiff -u -r1.15 -r1.16 src/sys/net/if_ipsec.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/sys/net/if_ipsec.c
diff -u src/sys/net/if_ipsec.c:1.15 src/sys/net/if_ipsec.c:1.16
--- src/sys/net/if_ipsec.c:1.15 Tue May 29 03:38:24 2018
+++ src/sys/net/if_ipsec.c Tue May 29 04:45:50 2018
@@ -1,4 +1,4 @@
-/* $NetBSD: if_ipsec.c,v 1.15 2018/05/29 03:38:24 knakahara Exp $ */
+/* $NetBSD: if_ipsec.c,v 1.16 2018/05/29 04:45:50 knakahara Exp $ */
/*
* Copyright (c) 2017 Internet Initiative Japan Inc.
@@ -27,7 +27,7 @@
*/
#include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: if_ipsec.c,v 1.15 2018/05/29 03:38:24 knakahara Exp $");
+__KERNEL_RCSID(0, "$NetBSD: if_ipsec.c,v 1.16 2018/05/29 04:45:50 knakahara Exp $");
#ifdef _KERNEL_OPT
#include "opt_inet.h"
@@ -1591,6 +1591,7 @@ if_ipsec_add_sp0(struct sockaddr *src, i
if_ipsec_add_pad(m, padlen);
if_ipsec_add_mbuf(m, &xpl, sizeof(xpl));
+ padlen = PFKEY_UNUNIT64(xpl.sadb_x_policy_len) - sizeof(xpl);
if (policy == IPSEC_POLICY_IPSEC) {
if_ipsec_add_mbuf(m, &xisr, sizeof(xisr));
/*
@@ -1599,11 +1600,10 @@ if_ipsec_add_sp0(struct sockaddr *src, i
*/
if_ipsec_add_mbuf_addr_port(m, src, sport, false);
if_ipsec_add_mbuf_addr_port(m, dst, dport, false);
-
- padlen = PFKEY_UNUNIT64(xpl.sadb_x_policy_len) - sizeof(xpl);
+ padlen -= PFKEY_ALIGN8(sizeof(xisr));
padlen -= PFKEY_ALIGN8(src->sa_len + dst->sa_len);
- if_ipsec_add_pad(m, padlen);
}
+ if_ipsec_add_pad(m, padlen);
/* key_kpi_spdadd() has already done KEY_SP_REF(). */
return key_kpi_spdadd(m);
