Fix a bug introduced in r221129 that leads to a panic wen using bundled

SAs. For now allow same address family bundles. While discovered with ESP and AH, which does not make a lot of sense, IPcomp could be a possible problematic candidate. PR: kern/164400 MFC after: 3 days
author: bz <bz@FreeBSD.org> 2012-07-22 17:46:05 +0000
committer: bz <bz@FreeBSD.org> 2012-07-22 17:46:05 +0000
commit: cd3a3d4b7a6ad0e79227f5c9cf98d41ea981c37e (patch)
tree: 356e7c30261942a64a89fa50704cb8a07658dd81 /sys/netipsec/ipsec_output.c
parent: bb5e5ce48adff96a77aaed79b7337c661bc47f5f (diff)
download: FreeBSD-src-cd3a3d4b7a6ad0e79227f5c9cf98d41ea981c37e.zip
FreeBSD-src-cd3a3d4b7a6ad0e79227f5c9cf98d41ea981c37e.tar.gz
1 files changed, 1 insertions, 2 deletions
diff --git a/sys/netipsec/ipsec_output.c b/sys/netipsec/ipsec_output.c
index 38268f7..1a1b646 100644
--- a/sys/netipsec/ipsec_output.c
+++ b/sys/netipsec/ipsec_output.c
@@ -165,8 +165,7 @@ ipsec_process_done(struct mbuf *m, struct ipsecrequest *isr)
 	 */
 	if (isr->next) {
 		V_ipsec4stat.ips_out_bundlesa++;
-		sav = isr->next->sav;
-		saidx = &sav->sah->saidx;
+		/* XXX-BZ currently only support same AF bundles. */
 		switch (saidx->dst.sa.sa_family) {
 #ifdef INET
 		case AF_INET:
author	bz <bz@FreeBSD.org>	2012-07-22 17:46:05 +0000
committer	bz <bz@FreeBSD.org>	2012-07-22 17:46:05 +0000
commit	cd3a3d4b7a6ad0e79227f5c9cf98d41ea981c37e (patch)
tree	356e7c30261942a64a89fa50704cb8a07658dd81 /sys/netipsec/ipsec_output.c
parent	bb5e5ce48adff96a77aaed79b7337c661bc47f5f (diff)
download	FreeBSD-src-cd3a3d4b7a6ad0e79227f5c9cf98d41ea981c37e.zip FreeBSD-src-cd3a3d4b7a6ad0e79227f5c9cf98d41ea981c37e.tar.gz