> On 26 Oct 2021, at 00:52, Alexander Bluhm <[email protected]> wrote:
>
> Hi,
>
> The implementation of ipsp_spd_inp() is side effect free. It sets
> the error output parameter and returns a tdb. Both are ignored in
> in_pcbconnect(). So this code does nothing.
>
> ok?
>
ok mvs@
> bluhm
>
> Index: netinet/in_pcb.c
> ===================================================================
> RCS file: /cvs/src/sys/netinet/in_pcb.c,v
> retrieving revision 1.255
> diff -u -p -r1.255 in_pcb.c
> --- netinet/in_pcb.c 10 Mar 2021 10:21:48 -0000 1.255
> +++ netinet/in_pcb.c 25 Oct 2021 21:49:13 -0000
> @@ -525,14 +525,6 @@ in_pcbconnect(struct inpcb *inp, struct
> inp->inp_flowid = stoeplitz_ip4port(inp->inp_faddr.s_addr,
> inp->inp_laddr.s_addr, inp->inp_fport, inp->inp_lport);
> #endif
> -#ifdef IPSEC
> - {
> - /* Cause an IPsec SA to be established. */
> - /* error is just ignored */
> - ipsp_spd_inp(NULL, AF_INET, 0, &error, IPSP_DIRECTION_OUT,
> - NULL, inp, NULL);
> - }
> -#endif
> return (0);
> }
>
>
