summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAngelos D. Keromytis <angelos@cvs.openbsd.org>2000-06-01 04:47:56 +0000
committerAngelos D. Keromytis <angelos@cvs.openbsd.org>2000-06-01 04:47:56 +0000
commit1b2c2513d19a3af189726e905041ae5e0b255f97 (patch)
tree8d38f49d2021e77251f51b86399b80da623591bc
parent5ab389d6d710e9d65e330c916c62983072d05dc5 (diff)
Use the cached entry for security requirements from the inp.
-rw-r--r--sys/netinet/ip_output.c16
1 files changed, 8 insertions, 8 deletions
diff --git a/sys/netinet/ip_output.c b/sys/netinet/ip_output.c
index affcb60b4c5..e9c1d85b44c 100644
--- a/sys/netinet/ip_output.c
+++ b/sys/netinet/ip_output.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ip_output.c,v 1.70 2000/06/01 04:38:34 angelos Exp $ */
+/* $OpenBSD: ip_output.c,v 1.71 2000/06/01 04:47:55 angelos Exp $ */
/* $NetBSD: ip_output.c,v 1.28 1996/02/13 23:43:07 christos Exp $ */
/*
@@ -85,6 +85,9 @@
extern u_int8_t get_sa_require __P((struct inpcb *));
+extern int ipsec_auth_default_level;
+extern int ipsec_esp_trans_default_level;
+extern int ipsec_esp_network_default_level;
#endif /* IPSEC */
static struct mbuf *ip_insertoptions __P((struct mbuf *, struct mbuf *, int *));
@@ -94,12 +97,6 @@ static void ip_mloopback
int (*fr_checkp) __P((struct ip *, int, struct ifnet *, int, struct mbuf **));
#endif
-#ifdef IPSEC
-extern int ipsec_auth_default_level;
-extern int ipsec_esp_trans_default_level;
-extern int ipsec_esp_network_default_level;
-#endif
-
/*
* IP output. The packet in mbuf chain m contains a skeletal IP
* header (with len, off, ttl, proto, tos, src, dst).
@@ -349,7 +346,10 @@ sendit:
inp->inp_seclevel[SL_AUTH] != IPSEC_LEVEL_BYPASS ||
inp->inp_seclevel[SL_ESP_TRANS] != IPSEC_LEVEL_BYPASS ||
inp->inp_seclevel[SL_ESP_NETWORK] != IPSEC_LEVEL_BYPASS)) {
- sa_require = get_sa_require(inp);
+ if (inp == NULL)
+ sa_require = get_sa_require(NULL);
+ else
+ sa_require = inp->inp_secrequire;
/*
* Check if there was an outgoing SA bound to the flow