svn commit: r309820 - projects/ipsec/sys/netipsec
Andrey V. Elsukov
ae at FreeBSD.org
Sat Dec 10 16:41:57 UTC 2016
Author: ae
Date: Sat Dec 10 16:41:55 2016
New Revision: 309820
URL: https://svnweb.freebsd.org/changeset/base/309820
Log:
Replace sav->tdb_xform == NULL check with ASSERT.
All key_allocsa* functions return SA with alive state. There is no way
to have SA without initialized tdb_xform in the savtree_alive list.
Modified:
projects/ipsec/sys/netipsec/ipsec_output.c
Modified: projects/ipsec/sys/netipsec/ipsec_output.c
==============================================================================
--- projects/ipsec/sys/netipsec/ipsec_output.c Sat Dec 10 16:21:09 2016 (r309819)
+++ projects/ipsec/sys/netipsec/ipsec_output.c Sat Dec 10 16:41:55 2016 (r309820)
@@ -171,17 +171,7 @@ next:
}
return (NULL);
}
- /*
- * Sanity check the SA content for the caller
- * before they invoke the xform output method.
- */
- if (sav->tdb_xform == NULL) {
- DPRINTF(("%s: no transform for SA\n", __func__));
- IPSEC_OSTAT_INC(isr->saidx.proto, noxform);
- key_freesav(&sav);
- *error = EHOSTUNREACH;
- return (NULL);
- }
+ IPSEC_ASSERT(sav->tdb_xform != NULL, ("SA with NULL tdb_xform"));
return (sav);
}
@@ -403,17 +393,7 @@ next:
}
return (NULL);
}
- /*
- * Sanity check the SA content for the caller
- * before they invoke the xform output method.
- */
- if (sav->tdb_xform == NULL) {
- DPRINTF(("%s: no transform for SA\n", __func__));
- IPSEC_OSTAT_INC(isr->saidx.proto, noxform);
- key_freesav(&sav);
- *error = EHOSTUNREACH;
- return (NULL);
- }
+ IPSEC_ASSERT(sav->tdb_xform != NULL, ("SA with NULL tdb_xform"));
return (sav);
}
More information about the svn-src-projects
mailing list