Mon Feb 9 15:06:38 2009 UTC ()
Back out my previous change.  The problem I'm chasing is with the
initialization of ports in saidx's when IPSEC_NAT_T is defined but the
association connection is not using nat traversal.  Stay tuned.


(skd)
diff -r1.58 -r1.59 src/sys/netipsec/key.c


--- src/sys/netipsec/key.c 2009/01/28 19:06:03 1.58
+++ src/sys/netipsec/key.c 2009/02/09 15:06:37 1.59
@@ -1,14 +1,14 @@ @@ -1,14 +1,14 @@
1/* $NetBSD: key.c,v 1.58 2009/01/28 19:06:03 skd Exp $ */ 1/* $NetBSD: key.c,v 1.59 2009/02/09 15:06:37 skd Exp $ */
2/* $FreeBSD: src/sys/netipsec/key.c,v 1.3.2.3 2004/02/14 22:23:23 bms Exp $ */ 2/* $FreeBSD: src/sys/netipsec/key.c,v 1.3.2.3 2004/02/14 22:23:23 bms Exp $ */
3/* $KAME: key.c,v 1.191 2001/06/27 10:46:49 sakane Exp $ */ 3/* $KAME: key.c,v 1.191 2001/06/27 10:46:49 sakane Exp $ */
4  4
5/* 5/*
6 * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. 6 * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
7 * All rights reserved. 7 * All rights reserved.
8 * 8 *
9 * Redistribution and use in source and binary forms, with or without 9 * Redistribution and use in source and binary forms, with or without
10 * modification, are permitted provided that the following conditions 10 * modification, are permitted provided that the following conditions
11 * are met: 11 * are met:
12 * 1. Redistributions of source code must retain the above copyright 12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer. 13 * notice, this list of conditions and the following disclaimer.
14 * 2. Redistributions in binary form must reproduce the above copyright 14 * 2. Redistributions in binary form must reproduce the above copyright
@@ -22,27 +22,27 @@ @@ -22,27 +22,27 @@
22 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 22 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 23 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
24 * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE 24 * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
25 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 25 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 26 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
27 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 27 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
28 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 28 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
29 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 29 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
30 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 30 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
31 * SUCH DAMAGE. 31 * SUCH DAMAGE.
32 */ 32 */
33 33
34#include <sys/cdefs.h> 34#include <sys/cdefs.h>
35__KERNEL_RCSID(0, "$NetBSD: key.c,v 1.58 2009/01/28 19:06:03 skd Exp $"); 35__KERNEL_RCSID(0, "$NetBSD: key.c,v 1.59 2009/02/09 15:06:37 skd Exp $");
36 36
37/* 37/*
38 * This code is referd to RFC 2367 38 * This code is referd to RFC 2367
39 */ 39 */
40 40
41#include "opt_inet.h" 41#include "opt_inet.h"
42#ifdef __FreeBSD__ 42#ifdef __FreeBSD__
43#include "opt_inet6.h" 43#include "opt_inet6.h"
44#endif 44#endif
45#include "opt_ipsec.h" 45#include "opt_ipsec.h"
46#ifdef __NetBSD__ 46#ifdef __NetBSD__
47#include "opt_gateway.h" 47#include "opt_gateway.h"
48#endif 48#endif
@@ -3069,27 +3069,27 @@ key_delsav(struct secasvar *sav) @@ -3069,27 +3069,27 @@ key_delsav(struct secasvar *sav)
3069 * search SAD. 3069 * search SAD.
3070 * OUT: 3070 * OUT:
3071 * NULL : not found 3071 * NULL : not found
3072 * others : found, pointer to a SA. 3072 * others : found, pointer to a SA.
3073 */ 3073 */
3074static struct secashead * 3074static struct secashead *
3075key_getsah(struct secasindex *saidx) 3075key_getsah(struct secasindex *saidx)
3076{ 3076{
3077 struct secashead *sah; 3077 struct secashead *sah;
3078 3078
3079 LIST_FOREACH(sah, &sahtree, chain) { 3079 LIST_FOREACH(sah, &sahtree, chain) {
3080 if (sah->state == SADB_SASTATE_DEAD) 3080 if (sah->state == SADB_SASTATE_DEAD)
3081 continue; 3081 continue;
3082 if (key_cmpsaidx(&sah->saidx, saidx, CMP_REQID) == 0) 3082 if (key_cmpsaidx(&sah->saidx, saidx, CMP_REQID))
3083 return sah; 3083 return sah;
3084 } 3084 }
3085 3085
3086 return NULL; 3086 return NULL;
3087} 3087}
3088 3088
3089/* 3089/*
3090 * check not to be duplicated SPI. 3090 * check not to be duplicated SPI.
3091 * NOTE: this function is too slow due to searching all SAD. 3091 * NOTE: this function is too slow due to searching all SAD.
3092 * OUT: 3092 * OUT:
3093 * NULL : not found 3093 * NULL : not found
3094 * others : found, pointer to a SA. 3094 * others : found, pointer to a SA.
3095 */ 3095 */
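Review bot: The match test at new line 3082 in key_getsah() depends on key_cmpsaidx() returning non-zero when the two indexes are equal, the opposite of the memcmp()/bcmp() convention, and nothing at the call site says so; the `== 0` form being backed out here shows how easily the polarity is misread. With the polarity inverted, the loop would return the first live secashead that does not match, so an SA could be filed under, or looked up from, the wrong head. I would make the intent explicit, e.g. `if (key_cmpsaidx(&sah->saidx, saidx, CMP_REQID) != 0) /* non-zero: indexes match */`, assuming that is the function's contract (its definition is outside this hunk). The commit message also leaves the underlying problem open: if the port fields of a saidx stay uninitialised when IPSEC_NAT_T is defined but NAT traversal is not in use, this lookup may miss an existing head, so the follow-up fix deserves a comment at the point where the saidx is filled in.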