Mercurial > illumos > illumos-gate

changeset 10692:ab0b8119c0e1

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
6886919 Tunnels accept cleartext when they aren't supposed to.
author Dan McDonald <danmcd@sun.com>
date Wed, 30 Sep 2009 12:12:33 -0400
parents 36de6b202f7e
children aaa91fcac595
files usr/src/uts/common/inet/iptun/iptun.c
diffstat 1 files changed, 5 insertions(+), 9 deletions(-) [+]
line wrap: on
line diff
--- a/usr/src/uts/common/inet/iptun/iptun.c	Wed Sep 30 10:02:47 2009 -0600
+++ b/usr/src/uts/common/inet/iptun/iptun.c	Wed Sep 30 12:12:33 2009 -0400
@@ -2599,7 +2599,6 @@
 	ipha_t	*outer4, *inner4;
 	ip6_t	*outer6, *inner6;
 	mblk_t	*data_mp = mp;
-	boolean_t ipsec = B_FALSE;
 
 	ASSERT(IPCL_IS_IPTUN(connp));
 	ASSERT(DB_TYPE(mp) == M_DATA || DB_TYPE(mp) == M_CTL);
@@ -2616,7 +2615,6 @@
 			iptun_input_icmp(iptun, mp, data_mp);
 			return;
 		}
-		ipsec = B_TRUE;
 	}
 
 	/*
@@ -2649,14 +2647,12 @@
 			goto drop;
 	}
 
-	if (ipsec) {
-		if (!ipsec_tun_inbound(mp, &data_mp, iptun->iptun_itp, inner4,
-		    inner6, outer4, outer6, outer_hlen, iptun->iptun_ns)) {
-			/* Callee did all of the freeing. */
-			return;
-		}
-		mp = data_mp;
+	if (!ipsec_tun_inbound(mp, &data_mp, iptun->iptun_itp, inner4,
+	    inner6, outer4, outer6, outer_hlen, iptun->iptun_ns)) {
+		/* Callee did all of the freeing. */
+		return;
 	}
+	mp = data_mp;
 
 	if (iptun->iptun_typeinfo->iti_type == IPTUN_TYPE_6TO4 &&
 	    !iptun_in_6to4_ok(iptun, outer4, inner6))