diff options
author | glebius <glebius@FreeBSD.org> | 2012-10-23 08:33:13 +0000 |
---|---|---|
committer | glebius <glebius@FreeBSD.org> | 2012-10-23 08:33:13 +0000 |
commit | fea857f2a843cb039f3757ef79ba28b083d7a0c3 (patch) | |
tree | 3f8a671ee4ada31ed0990132b9e47b3cd8a49bc2 /sys/netipsec | |
parent | 6a485e417ac3a2996d760532faaf5a48a890d223 (diff) | |
download | FreeBSD-src-fea857f2a843cb039f3757ef79ba28b083d7a0c3.zip FreeBSD-src-fea857f2a843cb039f3757ef79ba28b083d7a0c3.tar.gz |
Do not reduce ip_len by size of IP header in the ip_input()
before passing a packet to protocol input routines.
For several protocols this mean that now protocol needs to
do subtraction itself, and for another half this means that
we do not need to add header length back to the packet.
Make ip_stripoptions() to adjust ip_len, since now we enter
this function with a packet header whose ip_len does represent
length of entire packet, not payload only.
Diffstat (limited to 'sys/netipsec')
-rw-r--r-- | sys/netipsec/xform_ah.c | 3 |
1 files changed, 0 insertions, 3 deletions
diff --git a/sys/netipsec/xform_ah.c b/sys/netipsec/xform_ah.c index 91fcad6..722879b 100644 --- a/sys/netipsec/xform_ah.c +++ b/sys/netipsec/xform_ah.c @@ -305,9 +305,6 @@ ah_massage_headers(struct mbuf **m0, int proto, int skip, int alg, int out) ip->ip_ttl = 0; ip->ip_sum = 0; - if (!out) - ip->ip_len = htons(ntohs(ip->ip_len) + skip); - if (alg == CRYPTO_MD5_KPDK || alg == CRYPTO_SHA1_KPDK) ip->ip_off &= htons(IP_DF); else |