diff options
| author | Alexander Bluhm <bluhm@cvs.openbsd.org> | 2021-12-03 17:18:35 +0000 |
|---|---|---|
| committer | Alexander Bluhm <bluhm@cvs.openbsd.org> | 2021-12-03 17:18:35 +0000 |
| commit | a1d5abe1d502f970a79317fe1811cb26827aeb98 (patch) | |
| tree | b634a039939ba6aabb91393d2d2deaca0b87020b /sys/net/if_bridge.c | |
| parent | 0285b2528a887ede4d0d8e002d48e65c1ad4a315 (diff) | |
Add TDB reference counting to ipsp_spd_lookup(). If an output
pointer is passed to the function, it will return a refcounted TDB.
The ref happens when ipsp_spd_inp() copies the pointer from
ipo->ipo_tdb. The caller of ipsp_spd_lookup() has to unref after
using it.
tested by Hrvoje Popovski; OK mvs@ tobhe@
Diffstat (limited to 'sys/net/if_bridge.c')
| -rw-r--r-- | sys/net/if_bridge.c | 10 |
1 files changed, 7 insertions, 3 deletions
diff --git a/sys/net/if_bridge.c b/sys/net/if_bridge.c index c7ebf80173a..9bc7c3e7522 100644 --- a/sys/net/if_bridge.c +++ b/sys/net/if_bridge.c @@ -1,4 +1,4 @@ -/* $OpenBSD: if_bridge.c,v 1.360 2021/12/01 12:51:09 bluhm Exp $ */ +/* $OpenBSD: if_bridge.c,v 1.361 2021/12/03 17:18:34 bluhm Exp $ */ /* * Copyright (c) 1999, 2000 Jason L. Wright (jason@thought.net) @@ -1606,11 +1606,14 @@ bridge_ipsec(struct ifnet *ifp, struct ether_header *eh, int hassnap, tdb->tdb_tap)) == NULL || pf_test(af, dir, encif, &m) != PF_PASS) { m_freem(m); + tdb_unref(tdb); return (1); } - if (m == NULL) + if (m == NULL) { + tdb_unref(tdb); return (1); - else if (af == AF_INET) + } + if (af == AF_INET) in_proto_cksum_out(m, encif); #ifdef INET6 else if (af == AF_INET6) @@ -1628,6 +1631,7 @@ bridge_ipsec(struct ifnet *ifp, struct ether_header *eh, int hassnap, ICMP_UNREACH, ICMP_UNREACH_NEEDFRAG); else error = ipsp_process_packet(m, tdb, af, 0); + tdb_unref(tdb); return (1); } else return (0); |