diff options
| author | Alexander Bluhm <bluhm@cvs.openbsd.org> | 2017-05-12 14:31:24 +0000 |
|---|---|---|
| committer | Alexander Bluhm <bluhm@cvs.openbsd.org> | 2017-05-12 14:31:24 +0000 |
| commit | 6538725ae0b7af2fc683108f98a78cf390e2e281 (patch) | |
| tree | ed5621915e903dbfc46d96ff61a1030dd6111fc0 /sys/netinet | |
| parent | 01476168460d3fd4edab3e573698f71c6efb7284 (diff) | |
Instead of printing a debug message at the end of processing, panic
early if the IPsec security protocol is unknown. ipsec_common_input()
and ipsec_common_input_cb() can only be called with the IP protocols
ESP, AH, or IPComp. Everything else is a programming mistake.
OK claudio@
Diffstat (limited to 'sys/netinet')
| -rw-r--r-- | sys/netinet/ipsec_input.c | 40 |
1 files changed, 21 insertions, 19 deletions
diff --git a/sys/netinet/ipsec_input.c b/sys/netinet/ipsec_input.c index 133a0e69422..9cfb4c28c01 100644 --- a/sys/netinet/ipsec_input.c +++ b/sys/netinet/ipsec_input.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ipsec_input.c,v 1.149 2017/05/11 12:14:43 bluhm Exp $ */ +/* $OpenBSD: ipsec_input.c,v 1.150 2017/05/12 14:31:23 bluhm Exp $ */ /* * The authors of this code are John Ioannidis (ji@tla.org), * Angelos D. Keromytis (kermit@csd.uch.gr) and @@ -172,15 +172,22 @@ ipsec_common_input(struct mbuf *m, int skip, int protoff, int af, int sproto, } /* Retrieve the SPI from the relevant IPsec header */ - if (sproto == IPPROTO_ESP) + switch (sproto) { + case IPPROTO_ESP: m_copydata(m, skip, sizeof(u_int32_t), (caddr_t) &spi); - else if (sproto == IPPROTO_AH) + break; + case IPPROTO_AH: m_copydata(m, skip + sizeof(u_int32_t), sizeof(u_int32_t), (caddr_t) &spi); - else if (sproto == IPPROTO_IPCOMP) { + break; + case IPPROTO_IPCOMP: m_copydata(m, skip + sizeof(u_int16_t), sizeof(u_int16_t), (caddr_t) &cpi); spi = ntohl(htons(cpi)); + break; + default: + panic("%s: unknown/unsupported security protocol %d", + __func__, sproto); } /* @@ -526,7 +533,8 @@ ipsec_common_input_cb(struct mbuf *m, struct tdb *tdbp, int skip, int protoff) m_tag_prepend(m, mtag); } - if (sproto == IPPROTO_ESP) { + switch (sproto) { + case IPPROTO_ESP: /* Packet is confidential ? */ if (tdbp->tdb_encalgxform) m->m_flags |= M_CONF; @@ -534,10 +542,16 @@ ipsec_common_input_cb(struct mbuf *m, struct tdb *tdbp, int skip, int protoff) /* Check if we had authenticated ESP. */ if (tdbp->tdb_authalgxform) m->m_flags |= M_AUTH; - } else if (sproto == IPPROTO_AH) { + break; + case IPPROTO_AH: m->m_flags |= M_AUTH; - } else if (sproto == IPPROTO_IPCOMP) { + break; + case IPPROTO_IPCOMP: m->m_flags |= M_COMP; + break; + default: + panic("%s: unknown/unsupported security protocol %d", + __func__, sproto); } #if NPF > 0 @@ -567,18 +581,6 @@ ipsec_common_input_cb(struct mbuf *m, struct tdb *tdbp, int skip, int protoff) } #endif - switch (sproto) { - case IPPROTO_ESP: - case IPPROTO_AH: - case IPPROTO_IPCOMP: - break; - default: - DPRINTF(("ipsec_common_input_cb(): unknown/unsupported" - " security protocol %d\n", sproto)); - m_freem(m); - return; - } - /* Call the appropriate IPsec transform callback. */ switch (af) { case AF_INET: |