K 10
svn:author
V 2
bz
K 8
svn:date
V 27
2008-02-02T14:11:31.000000Z
K 7
svn:log
V 224
Rather than passing around a cached 'priv', pass in an ucred to
ipsec*_set_policy and do the privilege check only if needed.

Try to assimilate both ip*_ctloutput code blocks calling ipsec*_set_policy.

Reviewed by:	rwatson

END