diff options
author | Angelos D. Keromytis <angelos@cvs.openbsd.org> | 2001-06-24 22:51:00 +0000 |
---|---|---|
committer | Angelos D. Keromytis <angelos@cvs.openbsd.org> | 2001-06-24 22:51:00 +0000 |
commit | 8694dfe4271b2e2e3e075c56f7d864f2339ac3f2 (patch) | |
tree | b30c53d43cabe22dd953f1a86dd2bc2f54635802 /sys | |
parent | 155f9ab459b6eeca4c604e698ddd073d0ea4b680 (diff) |
Save tdb_remote_auth on the PCB on latching; also save information on
UDP PCB's if the socket is connected.
Diffstat (limited to 'sys')
-rw-r--r-- | sys/netinet/tcp_input.c | 8 | ||||
-rw-r--r-- | sys/netinet/udp_usrreq.c | 33 |
2 files changed, 37 insertions, 4 deletions
diff --git a/sys/netinet/tcp_input.c b/sys/netinet/tcp_input.c index 77e378964e7..9b9beb37ef8 100644 --- a/sys/netinet/tcp_input.c +++ b/sys/netinet/tcp_input.c @@ -1,4 +1,4 @@ -/* $OpenBSD: tcp_input.c,v 1.97 2001/06/23 18:54:44 angelos Exp $ */ +/* $OpenBSD: tcp_input.c,v 1.98 2001/06/24 22:50:58 angelos Exp $ */ /* $NetBSD: tcp_input.c,v 1.23 1996/02/13 23:43:44 christos Exp $ */ /* @@ -839,6 +839,12 @@ findpcb: tdb->tdb_remote_cred; tdb->tdb_remote_cred->ref_count++; } + if (inp->inp_ipsec_remoteauth == NULL && + tdb->tdb_remote_auth != NULL) { + inp->inp_ipsec_remoteauth = + tdb->tdb_remote_auth; + tdb->tdb_remote_auth->ref_count++; + } } else { /* Just reset */ TAILQ_REMOVE(&inp->inp_tdb_in->tdb_inp_in, inp, inp_tdb_in_next); diff --git a/sys/netinet/udp_usrreq.c b/sys/netinet/udp_usrreq.c index 094f2c22230..7973e862e39 100644 --- a/sys/netinet/udp_usrreq.c +++ b/sys/netinet/udp_usrreq.c @@ -1,4 +1,4 @@ -/* $OpenBSD: udp_usrreq.c,v 1.70 2001/06/23 18:54:44 angelos Exp $ */ +/* $OpenBSD: udp_usrreq.c,v 1.71 2001/06/24 22:50:59 angelos Exp $ */ /* $NetBSD: udp_usrreq.c,v 1.28 1996/03/16 23:54:03 christos Exp $ */ /* @@ -547,9 +547,36 @@ udp_input(m, va_alist) tdb = NULL; ipsp_spd_lookup(m, srcsa.sa.sa_family, iphlen, &error, IPSP_DIRECTION_IN, tdb, inp); - splx(s); - /* No SA latching done for UDP. */ + /* Latch SA only if the socket is connected */ + if (inp->inp_tdb_in != tdb && + (inp->inp_socket->so_state & SS_ISCONNECTED)) { + if (tdb) { + tdb_add_inp(tdb, inp, 1); + if (inp->inp_ipsec_remoteid == NULL && + tdb->tdb_srcid != NULL) { + inp->inp_ipsec_remoteid = tdb->tdb_srcid; + tdb->tdb_srcid->ref_count++; + } + if (inp->inp_ipsec_remotecred == NULL && + tdb->tdb_remote_cred != NULL) { + inp->inp_ipsec_remotecred = + tdb->tdb_remote_cred; + tdb->tdb_remote_cred->ref_count++; + } + if (inp->inp_ipsec_remoteauth == NULL && + tdb->tdb_remote_auth != NULL) { + inp->inp_ipsec_remoteauth = + tdb->tdb_remote_auth; + tdb->tdb_remote_auth->ref_count++; + } + } else { /* Just reset */ + TAILQ_REMOVE(&inp->inp_tdb_in->tdb_inp_in, inp, + inp_tdb_in_next); + inp->inp_tdb_in = NULL; + } + } + splx(s); /* Error or otherwise drop-packet indication. */ if (error) |