svn commit: r310394 - in projects/ipsec/sys: netinet netinet6
Andrey V. Elsukov
ae at FreeBSD.org
Thu Dec 22 13:48:30 UTC 2016
Author: ae
Date: Thu Dec 22 13:48:28 2016
New Revision: 310394
URL: https://svnweb.freebsd.org/changeset/base/310394
Log:
Remove AH/ESP/IPCOMP protocol handlers from inetsw and inet6sw lists.
Now inbound IPsec processing will be handled by IPSEC_INPUT() method.
Also declare sysctl nodes if one of IPSEC and IPSEC_SUPPORT options is
defined.
Modified:
projects/ipsec/sys/netinet/in_proto.c
projects/ipsec/sys/netinet6/in6_proto.c
Modified: projects/ipsec/sys/netinet/in_proto.c
==============================================================================
--- projects/ipsec/sys/netinet/in_proto.c Thu Dec 22 13:46:17 2016 (r310393)
+++ projects/ipsec/sys/netinet/in_proto.c Thu Dec 22 13:48:28 2016 (r310394)
@@ -90,10 +90,6 @@ __FBSDID("$FreeBSD$");
static struct pr_usrreqs nousrreqs;
-#ifdef IPSEC
-#include <netipsec/ipsec.h>
-#endif /* IPSEC */
-
#ifdef SCTP
#include <netinet/in_pcb.h>
#include <netinet/sctp_pcb.h>
@@ -222,32 +218,6 @@ struct protosw inetsw[] = {
.pr_ctloutput = rip_ctloutput,
.pr_usrreqs = &rip_usrreqs
},
-#ifdef IPSEC
-{
- .pr_type = SOCK_RAW,
- .pr_domain = &inetdomain,
- .pr_protocol = IPPROTO_AH,
- .pr_flags = PR_ATOMIC|PR_ADDR,
- .pr_input = ipsec4_common_input,
- .pr_usrreqs = &nousrreqs
-},
-{
- .pr_type = SOCK_RAW,
- .pr_domain = &inetdomain,
- .pr_protocol = IPPROTO_ESP,
- .pr_flags = PR_ATOMIC|PR_ADDR,
- .pr_input = ipsec4_common_input,
- .pr_usrreqs = &nousrreqs
-},
-{
- .pr_type = SOCK_RAW,
- .pr_domain = &inetdomain,
- .pr_protocol = IPPROTO_IPCOMP,
- .pr_flags = PR_ATOMIC|PR_ADDR,
- .pr_input = ipsec4_common_input,
- .pr_usrreqs = &nousrreqs
-},
-#endif /* IPSEC */
{
.pr_type = SOCK_RAW,
.pr_domain = &inetdomain,
@@ -364,7 +334,7 @@ SYSCTL_NODE(_net_inet, IPPROTO_TCP, tcp,
SYSCTL_NODE(_net_inet, IPPROTO_SCTP, sctp, CTLFLAG_RW, 0, "SCTP");
#endif
SYSCTL_NODE(_net_inet, IPPROTO_IGMP, igmp, CTLFLAG_RW, 0, "IGMP");
-#ifdef IPSEC
+#if defined(IPSEC) || defined(IPSEC_SUPPORT)
/* XXX no protocol # to use, pick something "reserved" */
SYSCTL_NODE(_net_inet, 253, ipsec, CTLFLAG_RW, 0, "IPSEC");
SYSCTL_NODE(_net_inet, IPPROTO_AH, ah, CTLFLAG_RW, 0, "AH");
Modified: projects/ipsec/sys/netinet6/in6_proto.c
==============================================================================
--- projects/ipsec/sys/netinet6/in6_proto.c Thu Dec 22 13:46:17 2016 (r310393)
+++ projects/ipsec/sys/netinet6/in6_proto.c Thu Dec 22 13:48:28 2016 (r310394)
@@ -121,11 +121,6 @@ __FBSDID("$FreeBSD$");
#include <netinet6/sctp6_var.h>
#endif /* SCTP */
-#ifdef IPSEC
-#include <netipsec/ipsec.h>
-#include <netipsec/ipsec6.h>
-#endif /* IPSEC */
-
#include <netinet6/ip6protosw.h>
/*
@@ -276,32 +271,6 @@ struct protosw inet6sw[] = {
.pr_input = frag6_input,
.pr_usrreqs = &nousrreqs
},
-#ifdef IPSEC
-{
- .pr_type = SOCK_RAW,
- .pr_domain = &inet6domain,
- .pr_protocol = IPPROTO_AH,
- .pr_flags = PR_ATOMIC|PR_ADDR,
- .pr_input = ipsec6_common_input,
- .pr_usrreqs = &nousrreqs,
-},
-{
- .pr_type = SOCK_RAW,
- .pr_domain = &inet6domain,
- .pr_protocol = IPPROTO_ESP,
- .pr_flags = PR_ATOMIC|PR_ADDR,
- .pr_input = ipsec6_common_input,
- .pr_usrreqs = &nousrreqs,
-},
-{
- .pr_type = SOCK_RAW,
- .pr_domain = &inet6domain,
- .pr_protocol = IPPROTO_IPCOMP,
- .pr_flags = PR_ATOMIC|PR_ADDR,
- .pr_input = ipsec6_common_input,
- .pr_usrreqs = &nousrreqs,
-},
-#endif /* IPSEC */
#ifdef INET
{
.pr_type = SOCK_RAW,
@@ -469,7 +438,7 @@ SYSCTL_NODE(_net_inet6, IPPROTO_TCP, tcp
#ifdef SCTP
SYSCTL_NODE(_net_inet6, IPPROTO_SCTP, sctp6, CTLFLAG_RW, 0, "SCTP6");
#endif
-#ifdef IPSEC
+#if defined(IPSEC) || defined(IPSEC_SUPPORT)
SYSCTL_NODE(_net_inet6, IPPROTO_ESP, ipsec6, CTLFLAG_RW, 0, "IPSEC6");
#endif /* IPSEC */
More information about the svn-src-projects
mailing list