Module Name: src Committed By: maxv Date: Wed May 30 16:49:38 UTC 2018
Modified Files: src/sys/netipsec: xform_esp.c Log Message: Apply the previous change in esp_input too, same as esp_output. To generate a diff of this commit: cvs rdiff -u -r1.92 -r1.93 src/sys/netipsec/xform_esp.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
Modified files: Index: src/sys/netipsec/xform_esp.c diff -u src/sys/netipsec/xform_esp.c:1.92 src/sys/netipsec/xform_esp.c:1.93 --- src/sys/netipsec/xform_esp.c:1.92 Wed May 30 16:43:29 2018 +++ src/sys/netipsec/xform_esp.c Wed May 30 16:49:38 2018 @@ -1,4 +1,4 @@ -/* $NetBSD: xform_esp.c,v 1.92 2018/05/30 16:43:29 maxv Exp $ */ +/* $NetBSD: xform_esp.c,v 1.93 2018/05/30 16:49:38 maxv Exp $ */ /* $FreeBSD: xform_esp.c,v 1.2.2.1 2003/01/24 05:11:36 sam Exp $ */ /* $OpenBSD: ip_esp.c,v 1.69 2001/06/26 06:18:59 angelos Exp $ */ @@ -39,7 +39,7 @@ */ #include <sys/cdefs.h> -__KERNEL_RCSID(0, "$NetBSD: xform_esp.c,v 1.92 2018/05/30 16:43:29 maxv Exp $"); +__KERNEL_RCSID(0, "$NetBSD: xform_esp.c,v 1.93 2018/05/30 16:49:38 maxv Exp $"); #if defined(_KERNEL_OPT) #include "opt_inet.h" @@ -317,6 +317,7 @@ esp_input(struct mbuf *m, struct secasva esph = sav->tdb_authalgxform; espx = sav->tdb_encalgxform; + KASSERT(espx != NULL); /* Determine the ESP header length */ if (sav->flags & SADB_X_EXT_OLD) @@ -362,7 +363,7 @@ esp_input(struct mbuf *m, struct secasva ESP_STATADD(ESP_STAT_IBYTES, m->m_pkthdr.len - skip - hlen - alen); /* Get crypto descriptors */ - crp = crypto_getreq(esph && espx ? 2 : 1); + crp = crypto_getreq(esph ? 2 : 1); if (crp == NULL) { DPRINTF(("%s: failed to acquire crypto descriptors\n", __func__)); @@ -396,15 +397,15 @@ esp_input(struct mbuf *m, struct secasva /* Authentication descriptor */ crda->crd_skip = skip; - if (espx && espx->type == CRYPTO_AES_GCM_16) + if (espx->type == CRYPTO_AES_GCM_16) crda->crd_len = hlen - sav->ivlen; else crda->crd_len = m->m_pkthdr.len - (skip + alen); crda->crd_inject = m->m_pkthdr.len - alen; crda->crd_alg = esph->type; - if (espx && (espx->type == CRYPTO_AES_GCM_16 || - espx->type == CRYPTO_AES_GMAC)) { + if (espx->type == CRYPTO_AES_GCM_16 || + espx->type == CRYPTO_AES_GMAC) { crda->crd_key = _KEYBUF(sav->key_enc); crda->crd_klen = _KEYBITS(sav->key_enc); } else { @@ -454,20 +455,17 @@ esp_input(struct mbuf *m, struct secasva tc->tc_sav = sav; /* Decryption descriptor */ - if (espx) { - KASSERTMSG(crde != NULL, "null esp crypto descriptor"); - crde->crd_skip = skip + hlen; - if (espx->type == CRYPTO_AES_GMAC) - crde->crd_len = 0; - else - crde->crd_len = m->m_pkthdr.len - (skip + hlen + alen); - crde->crd_inject = skip + hlen - sav->ivlen; - - crde->crd_alg = espx->type; - crde->crd_key = _KEYBUF(sav->key_enc); - crde->crd_klen = _KEYBITS(sav->key_enc); - /* XXX Rounds ? */ - } + KASSERTMSG(crde != NULL, "null esp crypto descriptor"); + crde->crd_skip = skip + hlen; + if (espx->type == CRYPTO_AES_GMAC) + crde->crd_len = 0; + else + crde->crd_len = m->m_pkthdr.len - (skip + hlen + alen); + crde->crd_inject = skip + hlen - sav->ivlen; + crde->crd_alg = espx->type; + crde->crd_key = _KEYBUF(sav->key_enc); + crde->crd_klen = _KEYBITS(sav->key_enc); + /* XXX Rounds ? */ return crypto_dispatch(crp);