Subject: Re: kern/34734: ipsec tunnels over ipv6 are broken
To: None <kern-bug-people@netbsd.org, gnats-admin@netbsd.org,>
From: Michael van Elst <mlelstv@serpens.de>
List: netbsd-bugs
Date: 12/10/2006 13:10:03
The following reply was made to PR kern/34734; it has been noted by GNATS.
From: Michael van Elst <mlelstv@serpens.de>
To: gnats-bugs@netbsd.org
Cc:
Subject: Re: kern/34734: ipsec tunnels over ipv6 are broken
Date: Sun, 10 Dec 2006 14:06:31 +0100
This patch from JINMEI Tatuya looks better. But I haven't been able
to test it for scoped addresses under netbsd4.
Index: ipsec.c
===================================================================
RCS file: /cvsroot/src/sys/netinet6/ipsec.c,v
retrieving revision 1.110
diff -r1.110 ipsec.c
3331,3332c3331
< struct sockaddr_in6 *sin6;
< struct in6_addr in6;
---
> struct sockaddr_in6 sin6;
3341,3342c3340,3343
< sin6 = ((struct sockaddr_in6 *)&sav->sah->saidx.dst);
< if (!IN6_ARE_ADDR_EQUAL(&ip6->ip6_dst, &in6))
---
> sin6 = *((struct sockaddr_in6 *)&sav->sah->saidx.dst);
> if (sa6_embedscope(&sin6, 0) != 0)
> return 0;
> if (!IN6_ARE_ADDR_EQUAL(&ip6->ip6_dst, &sin6.sin6_addr))
If nobody complains I will commit it.
--
Michael van Elst
Internet: mlelstv@serpens.de
"A potential Snark may lurk in every tree."