Print this page
First attempt at further IPsec cluster cleanup
*** 727,738 ****
hptr = INBOUND_BUCKET(sp, ah->ah_spi);
mutex_enter(&hptr->isaf_lock);
assoc = ipsec_getassocbyspi(hptr, ah->ah_spi, src_ptr, dst_ptr, af);
mutex_exit(&hptr->isaf_lock);
! if (assoc == NULL || assoc->ipsa_state == IPSA_STATE_DEAD ||
! assoc->ipsa_state == IPSA_STATE_ACTIVE_ELSEWHERE) {
IP_AH_BUMP_STAT(ipss, lookup_failure);
IP_AH_BUMP_STAT(ipss, in_discards);
ipsecah_in_assocfailure(mp, 0,
SL_ERROR | SL_CONSOLE | SL_WARN,
"ipsec_inbound_ah_sa: No association found for "
--- 727,737 ----
hptr = INBOUND_BUCKET(sp, ah->ah_spi);
mutex_enter(&hptr->isaf_lock);
assoc = ipsec_getassocbyspi(hptr, ah->ah_spi, src_ptr, dst_ptr, af);
mutex_exit(&hptr->isaf_lock);
! if (assoc == NULL || assoc->ipsa_state == IPSA_STATE_DEAD) {
IP_AH_BUMP_STAT(ipss, lookup_failure);
IP_AH_BUMP_STAT(ipss, in_discards);
ipsecah_in_assocfailure(mp, 0,
SL_ERROR | SL_CONSOLE | SL_WARN,
"ipsec_inbound_ah_sa: No association found for "
*** 869,880 ****
mutex_enter(&bucket->isaf_lock);
ipsa = ipsec_getassocbyspi(bucket, esph->esph_spi, src_ptr, dst_ptr,
af);
mutex_exit(&bucket->isaf_lock);
! if (ipsa == NULL || ipsa->ipsa_state == IPSA_STATE_DEAD ||
! ipsa->ipsa_state == IPSA_STATE_ACTIVE_ELSEWHERE) {
/* This is a loggable error! AUDIT ME! */
IP_ESP_BUMP_STAT(ipss, lookup_failure);
IP_ESP_BUMP_STAT(ipss, in_discards);
ipsecesp_in_assocfailure(data_mp, 0,
SL_ERROR | SL_CONSOLE | SL_WARN,
--- 868,878 ----
mutex_enter(&bucket->isaf_lock);
ipsa = ipsec_getassocbyspi(bucket, esph->esph_spi, src_ptr, dst_ptr,
af);
mutex_exit(&bucket->isaf_lock);
! if (ipsa == NULL || ipsa->ipsa_state == IPSA_STATE_DEAD) {
/* This is a loggable error! AUDIT ME! */
IP_ESP_BUMP_STAT(ipss, lookup_failure);
IP_ESP_BUMP_STAT(ipss, in_discards);
ipsecesp_in_assocfailure(data_mp, 0,
SL_ERROR | SL_CONSOLE | SL_WARN,