Use packet tags instead of tdbi.

4 files changed, 43 insertions, 51 deletions

diff --git a/sys/netinet/ip_icmp.c b/sys/netinet/ip_icmp.c
index 65f604a7bf6..0ac2b581a89 100644
--- a/sys/netinet/ip_icmp.c
+++ b/sys/netinet/ip_icmp.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: ip_icmp.c,v 1.34 2001/05/11 17:20:11 aaron Exp $	*/
+/*	$OpenBSD: ip_icmp.c,v 1.35 2001/05/20 08:35:10 angelos Exp $	*/
 /*	$NetBSD: ip_icmp.c,v 1.19 1996/02/13 23:42:22 christos Exp $	*/
 
 /*
@@ -366,13 +366,10 @@ icmp_input(m, va_alist)
 			goto badcode;
 		code = PRC_QUENCH;
 	deliver:
-		/*
-		 * Free packet atttributes. XXX
-		 */
-		if ((m->m_flags & M_PKTHDR) && (m->m_pkthdr.tdbi)) {
-		    free(m->m_pkthdr.tdbi, M_TEMP);
-		    m->m_pkthdr.tdbi = NULL;
-		}
+		/* Free packet atttributes */
+		if (m->m_flags & M_PKTHDR)
+			m_tag_delete_chain(m, NULL);
+
 		/*
 		 * Problem with datagram; advise higher level routines.
 		 */
@@ -473,13 +470,10 @@ icmp_input(m, va_alist)
 				ip->ip_src = ia->ia_dstaddr.sin_addr;
 		}
 reflect:
-		/*
-		 * Free packet atttributes. XXX
-		 */
-		if ((m->m_flags & M_PKTHDR) && (m->m_pkthdr.tdbi)) {
-		    free(m->m_pkthdr.tdbi, M_TEMP);
-		    m->m_pkthdr.tdbi = NULL;
-		}
+		/* Free packet atttributes */
+		if (m->m_flags & M_PKTHDR)
+			m_tag_delete_chain(m, NULL);
+
 		ip->ip_len += hlen;	/* since ip_input deducts this */
 		icmpstat.icps_reflect++;
 		icmpstat.icps_outhist[icp->icmp_type]++;
@@ -487,13 +481,9 @@ reflect:
 		return;
 
 	case ICMP_REDIRECT:
-		/*
-		 * Free packet atttributes. XXX
-		 */
-		if ((m->m_flags & M_PKTHDR) && (m->m_pkthdr.tdbi)) {
-		    free(m->m_pkthdr.tdbi, M_TEMP);
-		    m->m_pkthdr.tdbi = NULL;
-		}
+		/* Free packet atttributes */
+		if (m->m_flags & M_PKTHDR)
+			m_tag_delete_chain(m, NULL);
 		if (code > 3)
 			goto badcode;
 		if (icmplen < ICMP_ADVLENMIN || icmplen < ICMP_ADVLEN(icp) ||
diff --git a/sys/netinet/ip_input.c b/sys/netinet/ip_input.c
index f300c689251..bab9389c91a 100644
--- a/sys/netinet/ip_input.c
+++ b/sys/netinet/ip_input.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: ip_input.c,v 1.69 2001/05/16 06:38:25 fgsch Exp $	*/
+/*	$OpenBSD: ip_input.c,v 1.70 2001/05/20 08:35:11 angelos Exp $	*/
 /*	$NetBSD: ip_input.c,v 1.30 1996/03/16 23:53:58 christos Exp $	*/
 
 /*
@@ -302,6 +302,7 @@ ipv4_input(struct mbuf *m, ...)
 	int error, s;
 	struct tdb *tdb;
 	struct tdb_ident *tdbi;
+	struct m_tag *mtag;
 #endif /* IPSEC */
 
 	va_start(ap, m);
@@ -499,15 +500,15 @@ ipv4_input(struct mbuf *m, ...)
 	} else {
 #ifdef IPSEC
 	        /* IPsec policy check for forwarded packets */
+		mtag = m_tag_find(m, PACKET_TAG_IPSEC_DONE, NULL);
                 s = splnet();
-		tdbi = (struct tdb_ident *) m->m_pkthdr.tdbi;
-                if (tdbi == NULL)
-                  tdb = NULL;
-                else
-                  tdb = gettdb(tdbi->spi, &tdbi->dst, tdbi->proto);
-
+		if (mtag != NULL) {
+			tdbi = (struct tdb_ident *)(mtag + 1);
+			tdb = gettdb(tdbi->spi, &tdbi->dst, tdbi->proto);
+		} else
+			tdb = NULL;
 	        ipsp_spd_lookup(m, AF_INET, hlen, &error,
-		  	        IPSP_DIRECTION_IN, tdb, NULL);
+		    IPSP_DIRECTION_IN, tdb, NULL);
                 splx(s);
 
 		/* Error or otherwise drop-packet indication */
@@ -646,15 +647,15 @@ found:
 	  goto skipipsec;
 
 	/* IPsec policy check for local-delivery packets */
+	mtag = m_tag_find(m, PACKET_TAG_IPSEC_DONE, NULL); 
         s = splnet();
-	tdbi = (struct tdb_ident *) m->m_pkthdr.tdbi;
-        if (tdbi == NULL)
-                tdb = NULL;
-        else
+	if (mtag) {
+		tdbi = (struct tdb_ident *)(mtag + 1);
 	        tdb = gettdb(tdbi->spi, &tdbi->dst, tdbi->proto);
-
+	} else
+		tdb = NULL;
 	ipsp_spd_lookup(m, AF_INET, hlen, &error, IPSP_DIRECTION_IN,
-			tdb, NULL);
+	    tdb, NULL);
         splx(s);
 
 	/* Error or otherwise drop-packet indication */
diff --git a/sys/netinet/tcp_input.c b/sys/netinet/tcp_input.c
index 4a3fd659803..20c4399fbb1 100644
--- a/sys/netinet/tcp_input.c
+++ b/sys/netinet/tcp_input.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: tcp_input.c,v 1.87 2001/05/12 18:35:17 aaron Exp $	*/
+/*	$OpenBSD: tcp_input.c,v 1.88 2001/05/20 08:35:11 angelos Exp $	*/
 /*	$NetBSD: tcp_input.c,v 1.23 1996/02/13 23:43:44 christos Exp $	*/
 
 /*
@@ -392,6 +392,7 @@ tcp_input(m, va_alist)
 	struct ip6_hdr *ipv6 = NULL;
 #endif /* INET6 */
 #ifdef IPSEC
+	struct m_tag *mtag;
 	struct tdb_ident *tdbi;
 	struct tdb *tdb;
 	int error, s;
@@ -765,15 +766,15 @@ findpcb:
 	}
 
 #ifdef IPSEC
+	mtag = m_tag_find(m, PACKET_TAG_IPSEC_DONE, NULL);
         s = splnet();
-	tdbi = (struct tdb_ident *) m->m_pkthdr.tdbi;
-        if (tdbi == NULL)
-                tdb = NULL;
-        else
+	if (mtag != NULL) {
+		tdbi = (struct tdb_ident *)(mtag + 1);
 	        tdb = gettdb(tdbi->spi, &tdbi->dst, tdbi->proto);
-
+	} else
+		tdb = NULL;
 	ipsp_spd_lookup(m, af, iphlen, &error, IPSP_DIRECTION_IN,
-			tdb, inp);
+	    tdb, inp);
 
 	/* Latch SA */
 	if (inp->inp_tdb_in != tdb) {
diff --git a/sys/netinet/udp_usrreq.c b/sys/netinet/udp_usrreq.c
index 6afae145697..3c3d6be9490 100644
--- a/sys/netinet/udp_usrreq.c
+++ b/sys/netinet/udp_usrreq.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: udp_usrreq.c,v 1.57 2001/05/11 17:20:12 aaron Exp $	*/
+/*	$OpenBSD: udp_usrreq.c,v 1.58 2001/05/20 08:35:12 angelos Exp $	*/
 /*	$NetBSD: udp_usrreq.c,v 1.28 1996/03/16 23:54:03 christos Exp $	*/
 
 /*
@@ -172,6 +172,7 @@ udp_input(m, va_alist)
 	struct ip6_hdr *ipv6;
 #endif /* INET6 */
 #ifdef IPSEC
+	struct m_tag *mtag;
 	struct tdb_ident *tdbi;
 	struct tdb *tdb;
 	int error, s;
@@ -516,16 +517,15 @@ udp_input(m, va_alist)
 	}
 
 #ifdef IPSEC
-	tdbi = (struct tdb_ident *) m->m_pkthdr.tdbi;
-
+	mtag = m_tag_find(m, PACKET_TAG_IPSEC_DONE, NULL);
         s = splnet();
-        if (tdbi == NULL)
-                tdb = NULL;
-        else
+	if (mtag != NULL) {
+		tdbi = (struct tdb_ident *)(mtag + 1);
 	        tdb = gettdb(tdbi->spi, &tdbi->dst, tdbi->proto);
-
+	} else
+		tdb = NULL;
 	ipsp_spd_lookup(m, srcsa.sa.sa_family, iphlen, &error,
-			IPSP_DIRECTION_IN, tdb, inp);
+	    IPSP_DIRECTION_IN, tdb, inp);
         splx(s);
 
 	/* No SA latching done for UDP */