Module Name: src
Committed By: maxv
Date: Wed May 30 16:49:38 UTC 2018
Modified Files:
src/sys/netipsec: xform_esp.c
Log Message:
Apply the previous change in esp_input too, same as esp_output.
To generate a diff of this commit:
cvs rdiff -u -r1.92 -r1.93 src/sys/netipsec/xform_esp.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/sys/netipsec/xform_esp.c
diff -u src/sys/netipsec/xform_esp.c:1.92 src/sys/netipsec/xform_esp.c:1.93
--- src/sys/netipsec/xform_esp.c:1.92 Wed May 30 16:43:29 2018
+++ src/sys/netipsec/xform_esp.c Wed May 30 16:49:38 2018
@@ -1,4 +1,4 @@
-/* $NetBSD: xform_esp.c,v 1.92 2018/05/30 16:43:29 maxv Exp $ */
+/* $NetBSD: xform_esp.c,v 1.93 2018/05/30 16:49:38 maxv Exp $ */
/* $FreeBSD: xform_esp.c,v 1.2.2.1 2003/01/24 05:11:36 sam Exp $ */
/* $OpenBSD: ip_esp.c,v 1.69 2001/06/26 06:18:59 angelos Exp $ */
@@ -39,7 +39,7 @@
*/
#include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: xform_esp.c,v 1.92 2018/05/30 16:43:29 maxv Exp $");
+__KERNEL_RCSID(0, "$NetBSD: xform_esp.c,v 1.93 2018/05/30 16:49:38 maxv Exp $");
#if defined(_KERNEL_OPT)
#include "opt_inet.h"
@@ -317,6 +317,7 @@ esp_input(struct mbuf *m, struct secasva
esph = sav->tdb_authalgxform;
espx = sav->tdb_encalgxform;
+ KASSERT(espx != NULL);
/* Determine the ESP header length */
if (sav->flags & SADB_X_EXT_OLD)
@@ -362,7 +363,7 @@ esp_input(struct mbuf *m, struct secasva
ESP_STATADD(ESP_STAT_IBYTES, m->m_pkthdr.len - skip - hlen - alen);
/* Get crypto descriptors */
- crp = crypto_getreq(esph && espx ? 2 : 1);
+ crp = crypto_getreq(esph ? 2 : 1);
if (crp == NULL) {
DPRINTF(("%s: failed to acquire crypto descriptors\n",
__func__));
@@ -396,15 +397,15 @@ esp_input(struct mbuf *m, struct secasva
/* Authentication descriptor */
crda->crd_skip = skip;
- if (espx && espx->type == CRYPTO_AES_GCM_16)
+ if (espx->type == CRYPTO_AES_GCM_16)
crda->crd_len = hlen - sav->ivlen;
else
crda->crd_len = m->m_pkthdr.len - (skip + alen);
crda->crd_inject = m->m_pkthdr.len - alen;
crda->crd_alg = esph->type;
- if (espx && (espx->type == CRYPTO_AES_GCM_16 ||
- espx->type == CRYPTO_AES_GMAC)) {
+ if (espx->type == CRYPTO_AES_GCM_16 ||
+ espx->type == CRYPTO_AES_GMAC) {
crda->crd_key = _KEYBUF(sav->key_enc);
crda->crd_klen = _KEYBITS(sav->key_enc);
} else {
@@ -454,20 +455,17 @@ esp_input(struct mbuf *m, struct secasva
tc->tc_sav = sav;
/* Decryption descriptor */
- if (espx) {
- KASSERTMSG(crde != NULL, "null esp crypto descriptor");
- crde->crd_skip = skip + hlen;
- if (espx->type == CRYPTO_AES_GMAC)
- crde->crd_len = 0;
- else
- crde->crd_len = m->m_pkthdr.len - (skip + hlen + alen);
- crde->crd_inject = skip + hlen - sav->ivlen;
-
- crde->crd_alg = espx->type;
- crde->crd_key = _KEYBUF(sav->key_enc);
- crde->crd_klen = _KEYBITS(sav->key_enc);
- /* XXX Rounds ? */
- }
+ KASSERTMSG(crde != NULL, "null esp crypto descriptor");
+ crde->crd_skip = skip + hlen;
+ if (espx->type == CRYPTO_AES_GMAC)
+ crde->crd_len = 0;
+ else
+ crde->crd_len = m->m_pkthdr.len - (skip + hlen + alen);
+ crde->crd_inject = skip + hlen - sav->ivlen;
+ crde->crd_alg = espx->type;
+ crde->crd_key = _KEYBUF(sav->key_enc);
+ crde->crd_klen = _KEYBITS(sav->key_enc);
+ /* XXX Rounds ? */
return crypto_dispatch(crp);
