diff options
author | ume <ume@FreeBSD.org> | 2004-02-03 18:20:55 +0000 |
---|---|---|
committer | ume <ume@FreeBSD.org> | 2004-02-03 18:20:55 +0000 |
commit | de3407d02868da17b84be20a37bee2f9d4b5ad99 (patch) | |
tree | d4a15c08d97fd84eaa902735fd317261af259609 /sys/netinet6/ip6_output.c | |
parent | 509193a62ff6f66dabb660a8509266c59d098ce9 (diff) | |
download | FreeBSD-src-de3407d02868da17b84be20a37bee2f9d4b5ad99.zip FreeBSD-src-de3407d02868da17b84be20a37bee2f9d4b5ad99.tar.gz |
pass pcb rather than so. it is expected that per socket policy
works again.
Diffstat (limited to 'sys/netinet6/ip6_output.c')
-rw-r--r-- | sys/netinet6/ip6_output.c | 9 |
1 files changed, 2 insertions, 7 deletions
diff --git a/sys/netinet6/ip6_output.c b/sys/netinet6/ip6_output.c index 821a035..fc69de1 100644 --- a/sys/netinet6/ip6_output.c +++ b/sys/netinet6/ip6_output.c @@ -191,12 +191,7 @@ ip6_output(m0, opt, ro, flags, im6o, ifpp, inp) #endif /* FAST_IPSEC */ #ifdef IPSEC int needipsectun = 0; - struct socket *so; struct secpolicy *sp = NULL; - - /* for AH processing. stupid to have "socket" variable in IP layer... */ - so = ipsec_getsocket(m); - (void)ipsec_setsocket(m, NULL); #endif /* IPSEC */ ip6 = mtod(m, struct ip6_hdr *); @@ -240,10 +235,10 @@ ip6_output(m0, opt, ro, flags, im6o, ifpp, inp) #ifdef IPSEC /* get a security policy for this packet */ - if (so == NULL) + if (inp == NULL) sp = ipsec6_getpolicybyaddr(m, IPSEC_DIR_OUTBOUND, 0, &error); else - sp = ipsec6_getpolicybysock(m, IPSEC_DIR_OUTBOUND, so, &error); + sp = ipsec6_getpolicybypcb(m, IPSEC_DIR_OUTBOUND, inp, &error); if (sp == NULL) { ipsec6stat.out_inval++; |