aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMasahide NAKAMURA2006-08-23 18:09:09 -0700
committerDavid S. Miller2006-09-22 15:06:40 -0700
commit9e51fd371a022318c5b64b831c43026e89bc4f75 (patch)
treed11b58ab8d89bc52eb5c875a8e698fcb285c87ef
parentfbd9a5b47ee9c319ff0cae584391241ce78ffd6b (diff)
[XFRM]: Rename secpath_has_tunnel to secpath_has_nontransport.
On current kernel inbound transformation state is allowed transport and disallowed tunnel mode when mismatch is occurred between tempates and states. As the result of adding two more modes by Mobile IPv6, this function name is misleading. Inbound transformation can allow only transport mode when mismatch is occurred between template and secpath. Based on MIPL2 kernel patch. Signed-off-by: Masahide NAKAMURA <nakam@linux-ipv6.org> Signed-off-by: YOSHIFUJI Hideaki <yoshfuji@linux-ipv6.org> Signed-off-by: David S. Miller <davem@davemloft.net>
-rw-r--r--net/xfrm/xfrm_policy.c6
1 files changed, 3 insertions, 3 deletions
diff --git a/net/xfrm/xfrm_policy.c b/net/xfrm/xfrm_policy.c
index f1cdcfb90959..56abb5c057d4 100644
--- a/net/xfrm/xfrm_policy.c
+++ b/net/xfrm/xfrm_policy.c
@@ -1046,7 +1046,7 @@ xfrm_decode_session(struct sk_buff *skb, struct flowi *fl, unsigned short family
}
EXPORT_SYMBOL(xfrm_decode_session);
-static inline int secpath_has_tunnel(struct sec_path *sp, int k)
+static inline int secpath_has_nontransport(struct sec_path *sp, int k)
{
for (; k < sp->len; k++) {
if (sp->xvec[k]->props.mode != XFRM_MODE_TRANSPORT)
@@ -1087,7 +1087,7 @@ int __xfrm_policy_check(struct sock *sk, int dir, struct sk_buff *skb,
xfrm_policy_lookup);
if (!pol)
- return !skb->sp || !secpath_has_tunnel(skb->sp, 0);
+ return !skb->sp || !secpath_has_nontransport(skb->sp, 0);
pol->curlft.use_time = (unsigned long)xtime.tv_sec;
@@ -1111,7 +1111,7 @@ int __xfrm_policy_check(struct sock *sk, int dir, struct sk_buff *skb,
goto reject;
}
- if (secpath_has_tunnel(sp, k))
+ if (secpath_has_nontransport(sp, k))
goto reject;
xfrm_pol_put(pol);