sys/netipsec/key.c
Context not available. | |||||
} | } | ||||
/* | /* | ||||
* insert a secpolicy into the SP database. Lower priorities first | |||||
*/ | |||||
static void | |||||
key_insertsp(struct secpolicy *newsp) | |||||
{ | |||||
struct secpolicy *sp; | |||||
SPTREE_WLOCK(); | |||||
TAILQ_FOREACH(sp, &V_sptree[newsp->spidx.dir], chain) { | |||||
if (newsp->priority < sp->priority) { | |||||
TAILQ_INSERT_BEFORE(sp, newsp, chain); | |||||
goto done; | |||||
} | |||||
} | |||||
TAILQ_INSERT_TAIL(&V_sptree[newsp->spidx.dir], newsp, chain); | |||||
done: | |||||
newsp->state = IPSEC_SPSTATE_ALIVE; | |||||
SPTREE_WUNLOCK(); | |||||
} | |||||
/* | |||||
* Must be called after calling key_allocsp(). | * Must be called after calling key_allocsp(). | ||||
* For the packet with socket. | * For the packet with socket. | ||||
*/ | */ | ||||
Context not available. | |||||
newsp->spidx.dir = xpl0->sadb_x_policy_dir; | newsp->spidx.dir = xpl0->sadb_x_policy_dir; | ||||
newsp->policy = xpl0->sadb_x_policy_type; | newsp->policy = xpl0->sadb_x_policy_type; | ||||
newsp->priority = xpl0->sadb_x_policy_priority; | |||||
/* check policy */ | /* check policy */ | ||||
switch (xpl0->sadb_x_policy_type) { | switch (xpl0->sadb_x_policy_type) { | ||||
Context not available. | |||||
xpl->sadb_x_policy_type = sp->policy; | xpl->sadb_x_policy_type = sp->policy; | ||||
xpl->sadb_x_policy_dir = sp->spidx.dir; | xpl->sadb_x_policy_dir = sp->spidx.dir; | ||||
xpl->sadb_x_policy_id = sp->id; | xpl->sadb_x_policy_id = sp->id; | ||||
xpl->sadb_x_policy_priority = sp->priority; | |||||
p = (caddr_t)xpl + sizeof(*xpl); | p = (caddr_t)xpl + sizeof(*xpl); | ||||
/* if is the policy for ipsec ? */ | /* if is the policy for ipsec ? */ | ||||
Context not available. | |||||
newsp->lifetime = lft ? lft->sadb_lifetime_addtime : 0; | newsp->lifetime = lft ? lft->sadb_lifetime_addtime : 0; | ||||
newsp->validtime = lft ? lft->sadb_lifetime_usetime : 0; | newsp->validtime = lft ? lft->sadb_lifetime_usetime : 0; | ||||
SPTREE_WLOCK(); | key_insertsp(newsp); | ||||
TAILQ_INSERT_TAIL(&V_sptree[newsp->spidx.dir], newsp, chain); | |||||
newsp->state = IPSEC_SPSTATE_ALIVE; | |||||
SPTREE_WUNLOCK(); | |||||
/* delete the entry in spacqtree */ | /* delete the entry in spacqtree */ | ||||
if (mhp->msg->sadb_msg_type == SADB_X_SPDUPDATE) { | if (mhp->msg->sadb_msg_type == SADB_X_SPDUPDATE) { | ||||
Context not available. |
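Review bot: The assignment `newsp->priority = xpl0->sadb_x_policy_priority;` copies the priority from the PF_KEY message without any check, and key_insertsp() then uses that value to pick the policy's position in `V_sptree`, so a new policy can be placed ahead of existing ones. If SPD lookup takes the first matching entry in list order (not visible in this section), this field decides which policy applies when selectors overlap, and a sender that leaves the field unset gets whatever position the stale value implies. The accepted range, and the value expected from callers that do not use priorities, should be stated next to the assignment. The header comment of key_insertsp() should also record what the loop already does, for example `* Entries with equal priority keep insertion order; takes SPTREE_WLOCK itself, so callers presumably must not already hold it.` The function containing the assignment starts and ends outside the shown context.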