Remove the M_AUTHIPDGM flag. It is equivalent to M_AUTHIPHDR, both

are set in IPsec-AH, and they are always handled together.
This commit is contained in:
maxv 2018-04-24 08:07:05 +00:00
parent b5d4b113f7
commit 3e02f4fab8
4 changed files with 12 additions and 20 deletions

View File

@ -1,4 +1,4 @@
/* $NetBSD: nd6_rtr.c,v 1.138 2018/01/26 06:49:02 ozaki-r Exp $ */ /* $NetBSD: nd6_rtr.c,v 1.139 2018/04/24 08:07:05 maxv Exp $ */
/* $KAME: nd6_rtr.c,v 1.95 2001/02/07 08:09:47 itojun Exp $ */ /* $KAME: nd6_rtr.c,v 1.95 2001/02/07 08:09:47 itojun Exp $ */
/* /*
@ -31,7 +31,7 @@
*/ */
#include <sys/cdefs.h> #include <sys/cdefs.h>
__KERNEL_RCSID(0, "$NetBSD: nd6_rtr.c,v 1.138 2018/01/26 06:49:02 ozaki-r Exp $"); __KERNEL_RCSID(0, "$NetBSD: nd6_rtr.c,v 1.139 2018/04/24 08:07:05 maxv Exp $");
#ifdef _KERNEL_OPT #ifdef _KERNEL_OPT
#include "opt_net_mpsafe.h" #include "opt_net_mpsafe.h"
@ -1122,14 +1122,7 @@ prelist_update(struct nd_prefixctl *newprc,
auth = 0; auth = 0;
if (m) { if (m) {
/* auth = (m->m_flags & M_AUTHIPHDR) ? 1 : 0;
* Authenticity for NA consists authentication for
* both IP header and IP datagrams, doesn't it ?
*/
#if defined(M_AUTHIPHDR) && defined(M_AUTHIPDGM)
auth = (m->m_flags & M_AUTHIPHDR
&& m->m_flags & M_AUTHIPDGM) ? 1 : 0;
#endif
} }
if ((pr = nd6_prefix_lookup(newprc)) != NULL) { if ((pr = nd6_prefix_lookup(newprc)) != NULL) {

View File

@ -1,4 +1,4 @@
/* $NetBSD: xform_ah.c,v 1.93 2018/04/23 07:22:54 maxv Exp $ */ /* $NetBSD: xform_ah.c,v 1.94 2018/04/24 08:07:06 maxv Exp $ */
/* $FreeBSD: xform_ah.c,v 1.1.4.1 2003/01/24 05:11:36 sam Exp $ */ /* $FreeBSD: xform_ah.c,v 1.1.4.1 2003/01/24 05:11:36 sam Exp $ */
/* $OpenBSD: ip_ah.c,v 1.63 2001/06/26 06:18:58 angelos Exp $ */ /* $OpenBSD: ip_ah.c,v 1.63 2001/06/26 06:18:58 angelos Exp $ */
/* /*
@ -39,7 +39,7 @@
*/ */
#include <sys/cdefs.h> #include <sys/cdefs.h>
__KERNEL_RCSID(0, "$NetBSD: xform_ah.c,v 1.93 2018/04/23 07:22:54 maxv Exp $"); __KERNEL_RCSID(0, "$NetBSD: xform_ah.c,v 1.94 2018/04/24 08:07:06 maxv Exp $");
#if defined(_KERNEL_OPT) #if defined(_KERNEL_OPT)
#include "opt_inet.h" #include "opt_inet.h"
@ -829,7 +829,7 @@ ah_input_cb(struct cryptop *crp)
/* /*
* Header is now authenticated. * Header is now authenticated.
*/ */
m->m_flags |= M_AUTHIPHDR|M_AUTHIPDGM; m->m_flags |= M_AUTHIPHDR;
/* /*
* Update replay sequence number, if appropriate. * Update replay sequence number, if appropriate.

View File

@ -1,4 +1,4 @@
/* $NetBSD: xform_ipip.c,v 1.67 2018/04/22 10:25:40 maxv Exp $ */ /* $NetBSD: xform_ipip.c,v 1.68 2018/04/24 08:07:06 maxv Exp $ */
/* $FreeBSD: xform_ipip.c,v 1.3.2.1 2003/01/24 05:11:36 sam Exp $ */ /* $FreeBSD: xform_ipip.c,v 1.3.2.1 2003/01/24 05:11:36 sam Exp $ */
/* $OpenBSD: ip_ipip.c,v 1.25 2002/06/10 18:04:55 itojun Exp $ */ /* $OpenBSD: ip_ipip.c,v 1.25 2002/06/10 18:04:55 itojun Exp $ */
@ -39,7 +39,7 @@
*/ */
#include <sys/cdefs.h> #include <sys/cdefs.h>
__KERNEL_RCSID(0, "$NetBSD: xform_ipip.c,v 1.67 2018/04/22 10:25:40 maxv Exp $"); __KERNEL_RCSID(0, "$NetBSD: xform_ipip.c,v 1.68 2018/04/24 08:07:06 maxv Exp $");
/* /*
* IP-inside-IP processing * IP-inside-IP processing
@ -85,7 +85,7 @@ __KERNEL_RCSID(0, "$NetBSD: xform_ipip.c,v 1.67 2018/04/22 10:25:40 maxv Exp $")
#include <netipsec/key_debug.h> #include <netipsec/key_debug.h>
/* XXX IPCOMP */ /* XXX IPCOMP */
#define M_IPSEC (M_AUTHIPHDR|M_AUTHIPDGM|M_DECRYPTED) #define M_IPSEC (M_AUTHIPHDR|M_DECRYPTED)
int ipip_spoofcheck = 1; int ipip_spoofcheck = 1;
percpu_t *ipipstat_percpu; percpu_t *ipipstat_percpu;

View File

@ -1,4 +1,4 @@
/* $NetBSD: mbuf.h,v 1.187 2018/04/15 17:26:39 maxv Exp $ */ /* $NetBSD: mbuf.h,v 1.188 2018/04/24 08:07:06 maxv Exp $ */
/* /*
* Copyright (c) 1996, 1997, 1999, 2001, 2007 The NetBSD Foundation, Inc. * Copyright (c) 1996, 1997, 1999, 2001, 2007 The NetBSD Foundation, Inc.
@ -355,7 +355,6 @@ MBUF_DEFINE(mbuf, MHLEN, MLEN);
* IP header */ * IP header */
#define M_DECRYPTED 0x00000020 /* confidentiality */ #define M_DECRYPTED 0x00000020 /* confidentiality */
#define M_LOOP 0x00000040 /* for Mbuf statistics */ #define M_LOOP 0x00000040 /* for Mbuf statistics */
#define M_AUTHIPDGM 0x00000080 /* data origin authentication */
#define M_BCAST 0x00000100 /* send/received as link-level #define M_BCAST 0x00000100 /* send/received as link-level
* broadcast */ * broadcast */
#define M_MCAST 0x00000200 /* send/received as link-level #define M_MCAST 0x00000200 /* send/received as link-level
@ -387,7 +386,7 @@ MBUF_DEFINE(mbuf, MHLEN, MLEN);
#define M_NOTIFICATION M_PROTO1 #define M_NOTIFICATION M_PROTO1
#define M_FLAGS_BITS \ #define M_FLAGS_BITS \
"\20\1EXT\2PKTHDR\3EOR\4PROTO1\5AUTHIPHDR\6DECRYPTED\7LOOP\10AUTHIPDGM" \ "\20\1EXT\2PKTHDR\3EOR\4PROTO1\5AUTHIPHDR\6DECRYPTED\7LOOP\10NONE" \
"\11BCAST\12MCAST\13CANFASTFWD\14ANYCAST6\15LINK0\16LINK1\17LINK2\20LINK3" \ "\11BCAST\12MCAST\13CANFASTFWD\14ANYCAST6\15LINK0\16LINK1\17LINK2\20LINK3" \
"\21LINK4\22LINK5\23LINK6\24LINK7" \ "\21LINK4\22LINK5\23LINK6\24LINK7" \
"\25VLANTAG" \ "\25VLANTAG" \
@ -396,7 +395,7 @@ MBUF_DEFINE(mbuf, MHLEN, MLEN);
/* flags copied when copying m_pkthdr */ /* flags copied when copying m_pkthdr */
#define M_COPYFLAGS (M_PKTHDR|M_EOR|M_BCAST|M_MCAST|M_CANFASTFWD| \ #define M_COPYFLAGS (M_PKTHDR|M_EOR|M_BCAST|M_MCAST|M_CANFASTFWD| \
M_ANYCAST6|M_LINK0|M_LINK1|M_LINK2|M_AUTHIPHDR|M_DECRYPTED|M_LOOP| \ M_ANYCAST6|M_LINK0|M_LINK1|M_LINK2|M_AUTHIPHDR|M_DECRYPTED|M_LOOP| \
M_AUTHIPDGM|M_VLANTAG) M_VLANTAG)
/* flag copied when shallow-copying external storage */ /* flag copied when shallow-copying external storage */
#define M_EXTCOPYFLAGS (M_EXT|M_EXT_FLAGS) #define M_EXTCOPYFLAGS (M_EXT|M_EXT_FLAGS)