check whether the packet is tunnel mode. reported from <larse@ISI.EDU>

Obtained from:	KAME
This commit is contained in:
Hajimu UMEMOTO 2000-11-03 06:10:56 +00:00
parent 4c4f66db72
commit f09a94dbe3

View File

@ -3148,6 +3148,8 @@ ipsec4_tunnel_validate(ip, nxt0, sav)
if (nxt != IPPROTO_IPV4)
return 0;
if (sav->sah->saidx.mode != IPSEC_MODE_TUNNEL)
return 0;
#ifdef _IP_VHL
hlen = _IP_VHL_HL(ip->ip_vhl) << 2;
#else
@ -3186,6 +3188,8 @@ ipsec6_tunnel_validate(ip6, nxt0, sav)
if (nxt != IPPROTO_IPV6)
return 0;
if (sav->sah->saidx.mode != IPSEC_MODE_TUNNEL)
return 0;
switch (((struct sockaddr *)&sav->sah->saidx.dst)->sa_family) {
case AF_INET6:
sin6 = ((struct sockaddr_in6 *)&sav->sah->saidx.dst);