diff options
| author | ae <ae@FreeBSD.org> | 2015-06-02 03:14:42 +0000 |
|---|---|---|
| committer | ae <ae@FreeBSD.org> | 2015-06-02 03:14:42 +0000 |
| commit | fcbaea954867d54540644ca91c5c45fa835060d6 (patch) | |
| tree | 363e3402c6231f65ac872079c15244ba777cd8c8 /sys/netinet | |
| parent | f780971d9351b1bff9f79ea9876a4eb1d3def6ba (diff) | |
| download | FreeBSD-src-fcbaea954867d54540644ca91c5c45fa835060d6.zip FreeBSD-src-fcbaea954867d54540644ca91c5c45fa835060d6.tar.gz | |
MFC r275392:
Remove route chaching support from ipsec code. It isn't used for some time.
* remove sa_route_union declaration and route_cache member from struct secashead;
* remove key_sa_routechange() call from ICMP and ICMPv6 code;
* simplify ip_ipsec_mtu();
* remove #include <net/route.h>;
Sponsored by: Yandex LLC
Diffstat (limited to 'sys/netinet')
| -rw-r--r-- | sys/netinet/ip_icmp.c | 8 | ||||
| -rw-r--r-- | sys/netinet/ip_ipsec.c | 31 |
2 files changed, 1 insertions, 38 deletions
diff --git a/sys/netinet/ip_icmp.c b/sys/netinet/ip_icmp.c index c3dc159..ccc01c8 100644 --- a/sys/netinet/ip_icmp.c +++ b/sys/netinet/ip_icmp.c @@ -33,7 +33,6 @@ __FBSDID("$FreeBSD$"); #include "opt_inet.h" -#include "opt_ipsec.h" #include <sys/param.h> #include <sys/systm.h> @@ -64,10 +63,6 @@ __FBSDID("$FreeBSD$"); #include <netinet/icmp_var.h> #ifdef INET -#ifdef IPSEC -#include <netipsec/ipsec.h> -#include <netipsec/key.h> -#endif #include <machine/in_cksum.h> @@ -664,9 +659,6 @@ reflect: (struct sockaddr *)&icmpgw, fibnum); } pfctlinput(PRC_REDIRECT_HOST, (struct sockaddr *)&icmpsrc); -#ifdef IPSEC - key_sa_routechange((struct sockaddr *)&icmpsrc); -#endif break; /* diff --git a/sys/netinet/ip_ipsec.c b/sys/netinet/ip_ipsec.c index 28b899d..1550018 100644 --- a/sys/netinet/ip_ipsec.c +++ b/sys/netinet/ip_ipsec.c @@ -45,7 +45,6 @@ __FBSDID("$FreeBSD$"); #include <sys/sysctl.h> #include <net/if.h> -#include <net/route.h> #include <net/vnet.h> #include <netinet/in.h> @@ -215,35 +214,7 @@ ip_ipsec_mtu(struct mbuf *m, int mtu) * tunnel MTU = if MTU - sizeof(IP) - ESP/AH hdrsiz * XXX quickhack!!! */ - struct secpolicy *sp = NULL; - int ipsecerror; - int ipsechdr; - struct route *ro; - sp = ipsec_getpolicybyaddr(m, - IPSEC_DIR_OUTBOUND, - IP_FORWARDING, - &ipsecerror); - if (sp != NULL) { - /* count IPsec header size */ - ipsechdr = ipsec_hdrsiz(m, IPSEC_DIR_OUTBOUND, NULL); - - /* - * find the correct route for outer IPv4 - * header, compute tunnel MTU. - */ - if (sp->req != NULL && - sp->req->sav != NULL && - sp->req->sav->sah != NULL) { - ro = &sp->req->sav->sah->route_cache.sa_route; - if (ro->ro_rt && ro->ro_rt->rt_ifp) { - mtu = ro->ro_rt->rt_mtu ? ro->ro_rt->rt_mtu : - ro->ro_rt->rt_ifp->if_mtu; - mtu -= ipsechdr; - } - } - KEY_FREESP(&sp); - } - return mtu; + return (mtu - ipsec_hdrsiz(m, IPSEC_DIR_OUTBOUND, NULL)); } /* |
