mirror of
https://git.FreeBSD.org/src.git
synced 2024-12-23 11:18:54 +00:00
1ae800e7a6
* in ipsec_encap() embed scope zone ids into link-local addresses in the new IPv6 header, this helps ip6_output() disambiguate the scope; * teach key_ismyaddr6() use in6_localip(). in6_localip() is less strict than key_sockaddrcmp(). It doesn't compare all fileds of struct sockaddr_in6, but it is faster and it should be safe, because all SA's data was checked for correctness. Also, since IPv6 link-local addresses in the &V_in6_ifaddrhead are stored in kernel-internal form, we need to embed scope zone id from SA into the address before calling in6_localip. * in ipsec_common_input() take scope zone id embedded in the address and use it to initialize sin6_scope_id, then use this sockaddr structure to lookup SA, because we keep addresses in the SADB without embedded scope zone id. Differential Revision: https://reviews.freebsd.org/D2304 Reviewed by: gnn Sponsored by: Yandex LLC |
||
---|---|---|
.. | ||
ah_var.h | ||
ah.h | ||
esp_var.h | ||
esp.h | ||
ipcomp_var.h | ||
ipcomp.h | ||
ipsec6.h | ||
ipsec_input.c | ||
ipsec_mbuf.c | ||
ipsec_output.c | ||
ipsec.c | ||
ipsec.h | ||
key_debug.c | ||
key_debug.h | ||
key_var.h | ||
key.c | ||
key.h | ||
keydb.h | ||
keysock.c | ||
keysock.h | ||
xform_ah.c | ||
xform_esp.c | ||
xform_ipcomp.c | ||
xform_tcp.c | ||
xform.h |