summaryrefslogtreecommitdiff
path: root/sys/netinet
diff options
context:
space:
mode:
authorMarkus Friedl <markus@cvs.openbsd.org>2005-08-05 12:16:14 +0000
committerMarkus Friedl <markus@cvs.openbsd.org>2005-08-05 12:16:14 +0000
commit4781d6fc35f83f2ae60622d6110290ca0e6baae5 (patch)
treebae0b4bd9ee3579a9e1f6a749ee93a218fc89659 /sys/netinet
parent417c9e8e69d338426f7f395f6e07413f20e904c6 (diff)
don't panic for SADB_ADD w/o enc/auth, with and ok hshoexer@
Diffstat (limited to 'sys/netinet')
-rw-r--r--sys/netinet/ip_esp.c8
1 files changed, 7 insertions, 1 deletions
diff --git a/sys/netinet/ip_esp.c b/sys/netinet/ip_esp.c
index 494f9e37b9e..e21b373d14b 100644
--- a/sys/netinet/ip_esp.c
+++ b/sys/netinet/ip_esp.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ip_esp.c,v 1.94 2005/08/02 10:51:47 djm Exp $ */
+/* $OpenBSD: ip_esp.c,v 1.95 2005/08/05 12:16:13 markus Exp $ */
/*
* The authors of this code are John Ioannidis (ji@tla.org),
* Angelos D. Keromytis (kermit@csd.uch.gr) and
@@ -103,6 +103,12 @@ esp_init(struct tdb *tdbp, struct xformsw *xsp, struct ipsecinit *ii)
struct auth_hash *thash = NULL;
struct cryptoini cria, crie;
+ if (!ii->ii_encalg && !ii->ii_authalg) {
+ DPRINTF(("esp_init(): neither authentication nor encryption "
+ "algorithm given"));
+ return EINVAL;
+ }
+
if (ii->ii_encalg) {
switch (ii->ii_encalg) {
case SADB_EALG_NULL: