Date: Tue, 6 Dec 2016 11:14:31 +0000 (UTC) From: "Andrey V. Elsukov" <ae@FreeBSD.org> To: src-committers@freebsd.org, svn-src-projects@freebsd.org Subject: svn commit: r309611 - projects/ipsec/sys/netipsec Message-ID: <201612061114.uB6BEVA4033043@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: ae Date: Tue Dec 6 11:14:31 2016 New Revision: 309611 URL: https://svnweb.freebsd.org/changeset/base/309611 Log: Do not notify PF_KEY consumers about VTI security policies. It looks like IKEd do not track policies that they don't own. Modified: projects/ipsec/sys/netipsec/key.c Modified: projects/ipsec/sys/netipsec/key.c ============================================================================== --- projects/ipsec/sys/netipsec/key.c Tue Dec 6 10:55:50 2016 (r309610) +++ projects/ipsec/sys/netipsec/key.c Tue Dec 6 11:14:31 2016 (r309611) @@ -1079,7 +1079,6 @@ done: int key_register_ifnet(struct secpolicy **spp, u_int count) { - struct mbuf *m; u_int i; SPTREE_WLOCK(); @@ -1107,26 +1106,14 @@ key_register_ifnet(struct secpolicy **sp */ LIST_INSERT_HEAD(SPHASH_HASH(spp[i]->id), spp[i], idhash); spp[i]->state = IPSEC_SPSTATE_IFNET; - /* Acquire extra reference to send SPDADD message */ - SP_ADDREF(spp[i]); } SPTREE_WUNLOCK(); - /* - * Notify user processes about new SP. - */ - for (i = 0; i < count; i++) { - m = key_setdumpsp(spp[i], SADB_X_SPDADD, 0, 0); - key_freesp(&spp[i]); - if (m != NULL) - key_sendup_mbuf(NULL, m, KEY_SENDUP_ALL); - } return (0); } void key_unregister_ifnet(struct secpolicy **spp, u_int count) { - struct mbuf *m; u_int i; SPTREE_WLOCK(); @@ -1143,13 +1130,6 @@ key_unregister_ifnet(struct secpolicy ** LIST_REMOVE(spp[i], idhash); } SPTREE_WUNLOCK(); - - for (i = 0; i < count; i++) { - m = key_setdumpsp(spp[i], SADB_X_SPDDELETE, 0, 0); - key_freesp(&spp[i]); - if (m != NULL) - key_sendup_mbuf(NULL, m, KEY_SENDUP_ALL); - } } /*
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201612061114.uB6BEVA4033043>