From ddaffbbc60905c29c6323e647453b5ae5e248a23 Mon Sep 17 00:00:00 2001 From: Markus Friedl Date: Fri, 27 May 2005 18:23:19 +0000 Subject: comment out unused PACKET_TAG_IPSEC_IN_CRYPTO_DONE code; ok hshoexer --- sys/netinet/ip_ah.c | 9 +++++++-- sys/netinet/ip_esp.c | 9 +++++++-- 2 files changed, 14 insertions(+), 4 deletions(-) diff --git a/sys/netinet/ip_ah.c b/sys/netinet/ip_ah.c index ef632660fcb..b6ca4aabb67 100644 --- a/sys/netinet/ip_ah.c +++ b/sys/netinet/ip_ah.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ip_ah.c,v 1.79 2003/08/14 19:00:12 jason Exp $ */ +/* $OpenBSD: ip_ah.c,v 1.80 2005/05/27 18:23:18 markus Exp $ */ /* * The authors of this code are John Ioannidis (ji@tla.org), * Angelos D. Keromytis (kermit@csd.uch.gr) and @@ -494,7 +494,6 @@ int ah_input(struct mbuf *m, struct tdb *tdb, int skip, int protoff) { struct auth_hash *ahx = (struct auth_hash *) tdb->tdb_authalgxform; - struct tdb_ident *tdbi; struct tdb_crypto *tc; struct m_tag *mtag; u_int32_t btsx; @@ -606,10 +605,13 @@ ah_input(struct mbuf *m, struct tdb *tdb, int skip, int protoff) crda->crd_key = tdb->tdb_amxkey; crda->crd_klen = tdb->tdb_amxkeylen * 8; +#ifdef notyet /* Find out if we've already done crypto. */ for (mtag = m_tag_find(m, PACKET_TAG_IPSEC_IN_CRYPTO_DONE, NULL); mtag != NULL; mtag = m_tag_find(m, PACKET_TAG_IPSEC_IN_CRYPTO_DONE, mtag)) { + struct tdb_ident *tdbi; + tdbi = (struct tdb_ident *) (mtag + 1); if (tdbi->proto == tdb->tdb_sproto && tdbi->spi == tdb->tdb_spi && @@ -617,6 +619,9 @@ ah_input(struct mbuf *m, struct tdb *tdb, int skip, int protoff) sizeof(union sockaddr_union))) break; } +#else + mtag = NULL; +#endif /* Allocate IPsec-specific opaque crypto info. */ if (mtag == NULL) diff --git a/sys/netinet/ip_esp.c b/sys/netinet/ip_esp.c index 26f2a1eff29..de2894d89c6 100644 --- a/sys/netinet/ip_esp.c +++ b/sys/netinet/ip_esp.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ip_esp.c,v 1.90 2005/05/25 05:47:53 markus Exp $ */ +/* $OpenBSD: ip_esp.c,v 1.91 2005/05/27 18:23:18 markus Exp $ */ /* * The authors of this code are John Ioannidis (ji@tla.org), * Angelos D. Keromytis (kermit@csd.uch.gr) and @@ -276,7 +276,6 @@ esp_input(struct mbuf *m, struct tdb *tdb, int skip, int protoff) { struct auth_hash *esph = (struct auth_hash *) tdb->tdb_authalgxform; struct enc_xform *espx = (struct enc_xform *) tdb->tdb_encalgxform; - struct tdb_ident *tdbi; struct tdb_crypto *tc; int plen, alen, hlen; struct m_tag *mtag; @@ -368,15 +367,21 @@ esp_input(struct mbuf *m, struct tdb *tdb, int skip, int protoff) tdb->tdb_flags &= ~TDBF_SOFT_BYTES; /* Turn off checking */ } +#ifdef notyet /* Find out if we've already done crypto */ for (mtag = m_tag_find(m, PACKET_TAG_IPSEC_IN_CRYPTO_DONE, NULL); mtag != NULL; mtag = m_tag_find(m, PACKET_TAG_IPSEC_IN_CRYPTO_DONE, mtag)) { + struct tdb_ident *tdbi; + tdbi = (struct tdb_ident *) (mtag + 1); if (tdbi->proto == tdb->tdb_sproto && tdbi->spi == tdb->tdb_spi && !bcmp(&tdbi->dst, &tdb->tdb_dst, sizeof(union sockaddr_union))) break; } +#else + mtag = NULL; +#endif /* Get crypto descriptors */ crp = crypto_getreq(esph && espx ? 2 : 1); -- cgit v1.2.3