diff options
author | Alexander Bluhm <bluhm@cvs.openbsd.org> | 2022-03-06 15:24:51 +0000 |
---|---|---|
committer | Alexander Bluhm <bluhm@cvs.openbsd.org> | 2022-03-06 15:24:51 +0000 |
commit | cd888820e08572ba864f389dc73675e15cef8db1 (patch) | |
tree | 3e79072072bf276522dcdc347f645bd9c6f3749c /sys/dev/ic | |
parent | 552a4dcf73d9f6da785baf3f6cdf12c46ceea2da (diff) |
Usually we check ipsec_in_use as shortcut to avoid IPsec lookups,
but that does not work when coming from tcp_output() as inp != NULL.
This seems to be done to block packets from sockets with options
in inp_seclevel. But instead of doing the route lookup, go directly
to ipsp_spd_inp() where the socket policy checks are done. Calling
rtable_l2() before the shortcut also costs a bit, do it when needed.
OK tobhe@
Diffstat (limited to 'sys/dev/ic')
0 files changed, 0 insertions, 0 deletions