Fixed the problem that IPsec connection hangs when bigger data is sent.
-opt_ipsec.h was missing on some tcp files (sorry for basic mistake) -made buildable as above fix -also added some missing IPv4 mapped IPv6 addr consideration into ipsec4_getpolicybysock
This commit is contained in:
parent
e41bceb344
commit
e7b807d1e3
@ -36,6 +36,7 @@
|
||||
|
||||
#include "opt_ipfw.h" /* for ipfw_fwd */
|
||||
#include "opt_inet6.h"
|
||||
#include "opt_ipsec.h"
|
||||
#include "opt_tcpdebug.h"
|
||||
#include "opt_tcp_input.h"
|
||||
|
||||
@ -93,6 +94,9 @@ struct tcphdr tcp_savetcp;
|
||||
|
||||
#ifdef IPSEC
|
||||
#include <netinet6/ipsec.h>
|
||||
#ifdef INET6
|
||||
#include <netinet6/ipsec6.h>
|
||||
#endif
|
||||
#include <netkey/key.h>
|
||||
#endif /*IPSEC*/
|
||||
|
||||
|
@ -35,6 +35,7 @@
|
||||
*/
|
||||
|
||||
#include "opt_inet6.h"
|
||||
#include "opt_ipsec.h"
|
||||
#include "opt_tcpdebug.h"
|
||||
|
||||
#include <stddef.h>
|
||||
@ -75,6 +76,10 @@
|
||||
#include <netinet/tcp_debug.h>
|
||||
#endif
|
||||
|
||||
#ifdef IPSEC
|
||||
#include <netinet6/ipsec.h>
|
||||
#endif /*IPSEC*/
|
||||
|
||||
#ifdef notyet
|
||||
extern struct mbuf *m_copypack();
|
||||
#endif
|
||||
|
@ -36,6 +36,7 @@
|
||||
|
||||
#include "opt_ipfw.h" /* for ipfw_fwd */
|
||||
#include "opt_inet6.h"
|
||||
#include "opt_ipsec.h"
|
||||
#include "opt_tcpdebug.h"
|
||||
#include "opt_tcp_input.h"
|
||||
|
||||
@ -93,6 +94,9 @@ struct tcphdr tcp_savetcp;
|
||||
|
||||
#ifdef IPSEC
|
||||
#include <netinet6/ipsec.h>
|
||||
#ifdef INET6
|
||||
#include <netinet6/ipsec6.h>
|
||||
#endif
|
||||
#include <netkey/key.h>
|
||||
#endif /*IPSEC*/
|
||||
|
||||
|
@ -36,6 +36,7 @@
|
||||
|
||||
#include "opt_compat.h"
|
||||
#include "opt_inet6.h"
|
||||
#include "opt_ipsec.h"
|
||||
#include "opt_tcpdebug.h"
|
||||
|
||||
#include <sys/param.h>
|
||||
|
@ -36,6 +36,7 @@
|
||||
|
||||
#include "opt_compat.h"
|
||||
#include "opt_inet6.h"
|
||||
#include "opt_ipsec.h"
|
||||
#include "opt_tcpdebug.h"
|
||||
|
||||
#include <sys/param.h>
|
||||
|
@ -219,22 +219,20 @@ ipsec4_getpolicybysock(m, dir, so, error)
|
||||
if (m == NULL || so == NULL || error == NULL)
|
||||
panic("ipsec4_getpolicybysock: NULL pointer was passed.\n");
|
||||
|
||||
switch (so->so_proto->pr_domain->dom_family) {
|
||||
case AF_INET:
|
||||
if ((sotoinpcb(so)->inp_vflag & INP_IPV4) != 0) {
|
||||
/* set spidx in pcb */
|
||||
ipsec4_setspidx_inpcb(m, sotoinpcb(so));
|
||||
pcbsp = sotoinpcb(so)->inp_sp;
|
||||
break;
|
||||
}
|
||||
#ifdef INET6
|
||||
case AF_INET6:
|
||||
else if ((sotoinpcb(so)->inp_vflag & INP_IPV6) != 0) {
|
||||
/* set spidx in pcb */
|
||||
ipsec6_setspidx_in6pcb(m, sotoin6pcb(so));
|
||||
pcbsp = sotoin6pcb(so)->in6p_sp;
|
||||
break;
|
||||
#endif
|
||||
default:
|
||||
panic("ipsec4_getpolicybysock: unsupported address family\n");
|
||||
}
|
||||
#endif
|
||||
else
|
||||
panic("ipsec4_getpolicybysock: unsupported address family\n");
|
||||
|
||||
/* sanity check */
|
||||
if (pcbsp == NULL)
|
||||
|
@ -288,7 +288,7 @@ extern int ipsec_chkreplay __P((u_int32_t, struct secasvar *));
|
||||
extern int ipsec_updatereplay __P((u_int32_t, struct secasvar *));
|
||||
|
||||
extern size_t ipsec4_hdrsiz __P((struct mbuf *, u_int, struct inpcb *));
|
||||
extern size_t ipsec_hdrsiz_tcp __P((struct tcpcb *, int));
|
||||
extern size_t ipsec_hdrsiz_tcp __P((struct tcpcb *));
|
||||
|
||||
struct ip;
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user