mirror/freebsd
1
0
Fork 0
mirror of https://git.FreeBSD.org/src.git synced 2024-12-16 10:20:30 +00:00
Code Issues Releases Activity

correct fast ipsec logic: compare destination ip address against the

Browse Source 
contents of the SA, not the SP

Submitted by:	"Doug Ambrisko" <ambrisko@verniernetworks.com>
This commit is contained in:
Sam Leffler 2002-11-08 23:11:02 +00:00
parent 955630483b
commit ab94ca3cec
Notes: svn2git 2020-12-20 02:59:44 +00:00 
svn path=/head/; revision=106678
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
sys/netinet/ip_output.c
View File

@ -637,7 +637,7 @@ ip_output(m0, opt, ro, flags, imo, inp)
tdbi = (struct tdb_ident *)(mtag + 1);
if (tdbi->spi == sp->req->sav->spi &&
tdbi->proto == sp->req->sav->sah->saidx.proto &&
bcmp(&tdbi->dst, &sp->spidx.dst,
bcmp(&tdbi->dst, &sp->req->sav->sah->saidx.dst,
sizeof (union sockaddr_union)) == 0) {
/*
* No IPsec processing is needed, free