svn commit: r241919 - head/sys/netipsec

Mon, 22 Oct 2012 15:42:44 -0700 

Author: glebius
Date: Mon Oct 22 22:42:28 2012
New Revision: 241919
URL: http://svn.freebsd.org/changeset/base/241919

Log:
  Couple of changes missed from r241913, which converted
  IPv4 stack to network byte order.

Modified:
  head/sys/netipsec/ipsec_output.c
  head/sys/netipsec/xform_ah.c

Modified: head/sys/netipsec/ipsec_output.c
==============================================================================
--- head/sys/netipsec/ipsec_output.c    Mon Oct 22 22:32:52 2012        
(r241918)
+++ head/sys/netipsec/ipsec_output.c    Mon Oct 22 22:42:28 2012        
(r241919)
@@ -197,18 +197,14 @@ ipsec_process_done(struct mbuf *m, struc
         */
        switch (saidx->dst.sa.sa_family) {
 #ifdef INET
-       struct ip *ip;
        case AF_INET:
-               ip = mtod(m, struct ip *);
-               ip->ip_len = ntohs(ip->ip_len);
-               ip->ip_off = ntohs(ip->ip_off);
-
 #ifdef IPSEC_NAT_T
                /*
                 * If NAT-T is enabled, now that all IPsec processing is done
                 * insert UDP encapsulation header after IP header.
                 */
                if (sav->natt_type) {
+                       struct ip *ip = mtod(m, struct ip *);
 #ifdef _IP_VHL
                        const int hlen = IP_VHL_HL(ip->ip_vhl);
 #else
@@ -246,7 +242,7 @@ ipsec_process_done(struct mbuf *m, struc
                        udp->uh_dport = KEY_PORTFROMSADDR(&sav->sah->saidx.dst);
                        udp->uh_sum = 0;
                        udp->uh_ulen = htons(m->m_pkthdr.len - hlen);
-                       ip->ip_len = m->m_pkthdr.len;
+                       ip->ip_len = htons(m->m_pkthdr.len);
                        ip->ip_p = IPPROTO_UDP;
 
                        if (sav->natt_type == UDP_ENCAP_ESPINUDP_NON_IKE)

Modified: head/sys/netipsec/xform_ah.c
==============================================================================
--- head/sys/netipsec/xform_ah.c        Mon Oct 22 22:32:52 2012        
(r241918)
+++ head/sys/netipsec/xform_ah.c        Mon Oct 22 22:42:28 2012        
(r241919)
@@ -305,23 +305,13 @@ ah_massage_headers(struct mbuf **m0, int
                ip->ip_ttl = 0;
                ip->ip_sum = 0;
 
-               /*
-                * On input, fix ip_len which has been byte-swapped
-                * at ip_input().
-                */
-               if (!out) {
-                       ip->ip_len = htons(ip->ip_len + skip);
+               if (!out)
+                       ip->ip_len = htons(ntohs(ip->ip_len) + skip);
 
-                       if (alg == CRYPTO_MD5_KPDK || alg == CRYPTO_SHA1_KPDK)
-                               ip->ip_off = htons(ip->ip_off & IP_DF);
-                       else
-                               ip->ip_off = 0;
-               } else {
-                       if (alg == CRYPTO_MD5_KPDK || alg == CRYPTO_SHA1_KPDK)
-                               ip->ip_off = htons(ntohs(ip->ip_off) & IP_DF);
-                       else
-                               ip->ip_off = 0;
-               }
+               if (alg == CRYPTO_MD5_KPDK || alg == CRYPTO_SHA1_KPDK)
+                       ip->ip_off &= htons(IP_DF);
+               else
+                       ip->ip_off = htons(0);
 
                ptr = mtod(m, unsigned char *) + sizeof(struct ip);
 
_______________________________________________
svn-src-head@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/svn-src-head
To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"

Reply via email to