Fix bug with IP_DF handling which was breaking TCP: on FreeBSD, ip_off
is assumed to be in host byteorder during the input(?) path. NetBSD keeps ip_off and ip_len in network order. Add (or remove) byteswaps accordingly. TCP over fast_ipsec now works with PMTU, as well as without.
This commit is contained in:
parent
77db8900ab
commit
2ea4c76684
@ -1,9 +1,9 @@
|
||||
/* $NetBSD: ipsec_input.c,v 1.2 2003/08/15 03:50:21 jonathan Exp $ */
|
||||
/* $NetBSD: ipsec_input.c,v 1.3 2003/08/15 17:14:31 jonathan Exp $ */
|
||||
/* $FreeBSD: src/sys/netipsec/ipsec_input.c,v 1.2.4.1 2003/01/24 05:11:35 sam Exp $ */
|
||||
/* $KAME: ipsec.c,v 1.103 2001/05/24 07:14:18 sakane Exp $ */
|
||||
|
||||
#include <sys/cdefs.h>
|
||||
__KERNEL_RCSID(0, "$NetBSD: ipsec_input.c,v 1.2 2003/08/15 03:50:21 jonathan Exp $");
|
||||
__KERNEL_RCSID(0, "$NetBSD: ipsec_input.c,v 1.3 2003/08/15 17:14:31 jonathan Exp $");
|
||||
|
||||
/*
|
||||
* IPsec input processing.
|
||||
@ -261,7 +261,10 @@ ipsec4_common_input_cb(struct mbuf *m, struct secasvar *sav,
|
||||
|
||||
ip = mtod(m, struct ip *);
|
||||
ip->ip_len = htons(m->m_pkthdr.len);
|
||||
#ifdef __FreeBSD__
|
||||
/* On FreeBSD, ip_off and ip_len assumed in host endian. */
|
||||
ip->ip_off = htons(ip->ip_off);
|
||||
#endif
|
||||
ip->ip_sum = 0;
|
||||
ip->ip_sum = in_cksum(m, ip->ip_hl << 2);
|
||||
} else {
|
||||
|
@ -1,9 +1,9 @@
|
||||
/* $NetBSD: ipsec_output.c,v 1.2 2003/08/15 03:42:07 jonathan Exp $ */
|
||||
/* $NetBSD: ipsec_output.c,v 1.3 2003/08/15 17:14:31 jonathan Exp $ */
|
||||
/* $FreeBSD: src/sys/netipsec/ipsec_output.c,v 1.3.2.1 2003/01/24 05:11:35 sam Exp $ */
|
||||
/* $KAME: ipsec.c,v 1.103 2001/05/24 07:14:18 sakane Exp $ */
|
||||
|
||||
#include <sys/cdefs.h>
|
||||
__KERNEL_RCSID(0, "$NetBSD: ipsec_output.c,v 1.2 2003/08/15 03:42:07 jonathan Exp $");
|
||||
__KERNEL_RCSID(0, "$NetBSD: ipsec_output.c,v 1.3 2003/08/15 17:14:31 jonathan Exp $");
|
||||
|
||||
/*
|
||||
* IPsec output processing.
|
||||
@ -355,7 +355,12 @@ ipsec4_process_packet(
|
||||
setdf = ip4_ipsec_dfbit;
|
||||
break;
|
||||
default: /* propagate to outer header */
|
||||
setdf = ntohs(ip->ip_off & IP_DF);
|
||||
setdf = ip->ip_off;
|
||||
#ifndef __FreeBSD__
|
||||
/* On FreeBSD, ip_off and ip_len assumed in host endian. */
|
||||
setdf = ntohs(setdf);
|
||||
#endif
|
||||
setdf = htons(setdf & IP_DF);
|
||||
break;
|
||||
}
|
||||
} else {
|
||||
|
Loading…
Reference in New Issue
Block a user