svn commit: r310403 - projects/ipsec/sys/netinet6
Andrey V. Elsukov
ae at FreeBSD.org
Thu Dec 22 14:04:42 UTC 2016
Author: ae
Date: Thu Dec 22 14:04:41 2016
New Revision: 310403
URL: https://svnweb.freebsd.org/changeset/base/310403
Log:
Convert ip6_forward.c to use IPsec methods.
Modified:
projects/ipsec/sys/netinet6/ip6_forward.c
Modified: projects/ipsec/sys/netinet6/ip6_forward.c
==============================================================================
--- projects/ipsec/sys/netinet6/ip6_forward.c Thu Dec 22 14:03:01 2016 (r310402)
+++ projects/ipsec/sys/netinet6/ip6_forward.c Thu Dec 22 14:04:41 2016 (r310403)
@@ -69,9 +69,7 @@ __FBSDID("$FreeBSD$");
#include <netinet/in_pcb.h>
-#ifdef IPSEC
-#include <netinet6/ip6_ipsec.h>
-#endif /* IPSEC */
+#include <netipsec/ipsec_support.h>
/*
* Forward a packet. If some error occurs return the sender
@@ -152,22 +150,17 @@ ip6_forward(struct mbuf *m, int srcrt)
#endif
ip6->ip6_hlim -= IPV6_HLIMDEC;
-#ifdef IPSEC
- if (IPSEC_FORWARD(ipv6, m, &error) != 0) {
- /* mbuf consumed by IPsec */
- m_freem(mcopy);
- return;
- }
- /*
- * mbuf wasn't consumed by IPsec, check error code.
- */
- if (error != 0) {
- IP6STAT_INC(ip6s_cantforward);
- m_freem(mcopy);
- m_freem(m);
- return;
+#if defined(IPSEC) || defined(IPSEC_SUPPORT)
+ if (IPSEC_ENABLED(ipv6)) {
+ if ((error = IPSEC_FORWARD(ipv4, m)) != 0) {
+ /* mbuf consumed by IPsec */
+ m_freem(mcopy);
+ if (error != EINPROGRESS)
+ IP6STAT_INC(ip6s_cantforward);
+ return;
+ }
+ /* No IPsec processing required */
}
- /* No IPsec processing required */
#endif
again:
bzero(&rin6, sizeof(struct route_in6));
More information about the svn-src-projects
mailing list