Print this page
First attempt at further IPsec cluster cleanup
@@ -727,12 +727,11 @@
hptr = INBOUND_BUCKET(sp, ah->ah_spi);
mutex_enter(&hptr->isaf_lock);
assoc = ipsec_getassocbyspi(hptr, ah->ah_spi, src_ptr, dst_ptr, af);
mutex_exit(&hptr->isaf_lock);
- if (assoc == NULL || assoc->ipsa_state == IPSA_STATE_DEAD ||
- assoc->ipsa_state == IPSA_STATE_ACTIVE_ELSEWHERE) {
+ if (assoc == NULL || assoc->ipsa_state == IPSA_STATE_DEAD) {
IP_AH_BUMP_STAT(ipss, lookup_failure);
IP_AH_BUMP_STAT(ipss, in_discards);
ipsecah_in_assocfailure(mp, 0,
SL_ERROR | SL_CONSOLE | SL_WARN,
"ipsec_inbound_ah_sa: No association found for "
@@ -869,12 +868,11 @@
mutex_enter(&bucket->isaf_lock);
ipsa = ipsec_getassocbyspi(bucket, esph->esph_spi, src_ptr, dst_ptr,
af);
mutex_exit(&bucket->isaf_lock);
- if (ipsa == NULL || ipsa->ipsa_state == IPSA_STATE_DEAD ||
- ipsa->ipsa_state == IPSA_STATE_ACTIVE_ELSEWHERE) {
+ if (ipsa == NULL || ipsa->ipsa_state == IPSA_STATE_DEAD) {
/* This is a loggable error! AUDIT ME! */
IP_ESP_BUMP_STAT(ipss, lookup_failure);
IP_ESP_BUMP_STAT(ipss, in_discards);
ipsecesp_in_assocfailure(data_mp, 0,
SL_ERROR | SL_CONSOLE | SL_WARN,