int
ipsec_sa_intern(struct ipsec_sa *ips)
{
int error = 0;
IPsecSAref_t ref = ips->ips_ref;
if(ref == IPSEC_SAREF_NULL) {
ref = ipsec_SAref_alloc(&error); /* pass in error return by pointer */
KLIPS_PRINT(debug_xform,
"ipsec_sa_intern: "
"allocated ref=%u for sa %p\n", ref, ips);
if(ref == IPSEC_SAREF_NULL) {
KLIPS_PRINT(debug_xform,
"ipsec_sa_intern: "
"SAref allocation error\n");
return error;
}
ips->ips_ref = ref;
}
error = ipsec_saref_verify_slot(ref);
if(error) {
return error;
}
ipsec_sa_get(ips, IPSEC_REFINTERN);
/*
* if there is an existing SA at this reference, then free it
* note, that nsa might == ips!. That's okay, we just incremented
* the reference count above.
*/
{
struct ipsec_sa *nsa = IPsecSAref2SA(ref);
if(nsa) {
ipsec_sa_put(nsa, IPSEC_REFINTERN);
}
}
KLIPS_PRINT(debug_xform,
"ipsec_sa_intern: "
"SAref[%d]=%p\n",
ips->ips_ref, ips);
IPsecSAref2SA(ips->ips_ref) = ips;
/* return OK */
return 0;
}
void ipsec_sa_untern(struct ipsec_sa *ips)
{
IPsecSAref_t ref = ips->ips_ref;
int error;
/* verify that we are removing correct item! */
error = ipsec_saref_verify_slot(ref);
if (error)
return;
if (IPsecSAref2SA(ref) == ips) {
IPsecSAref2SA(ref) = NULL;
ipsec_sa_put(ips, IPSEC_REFINTERN);
} else {
KLIPS_PRINT(debug_xform,
"ipsec_sa_untern: "
"ref=%u -> %p but untern'ing %p\n", ref,
IPsecSAref2SA(ref), ips);
}
}
