fix IPv6 ipsec template lossage.

- previous code grabbed new nexthdr mistakingly
- parameter passing must follow ip6protows
(actually the code will never get called until in6_proto.c is updated)

the current code assumes that {AH,ESP} is right next to IPv6 header.
the assumption must be removed, but it means that we need to chase
header chain...

3 files changed, 37 insertions, 27 deletions

diff --git a/sys/netinet/ip_ah.h b/sys/netinet/ip_ah.h
index 090d6e48195..bfcd1f48ad5 100644
--- a/sys/netinet/ip_ah.h
+++ b/sys/netinet/ip_ah.h
@@ -1,4 +1,4 @@
-/*	$OpenBSD: ip_ah.h,v 1.20 1999/12/25 07:09:42 angelos Exp $	*/
+/*	$OpenBSD: ip_ah.h,v 1.21 1999/12/31 22:19:42 itojun Exp $	*/
 
 /*
  * The authors of this code are John Ioannidis (ji@tla.org),
@@ -103,7 +103,7 @@ int	ah_output __P((struct mbuf *, struct tdb *, struct mbuf **));
 int	ah_sysctl __P((int *, u_int, void *, size_t *, void *, size_t));
 
 #ifdef INET6
-int	ah6_input __P((struct mbuf *, ...));
+int	ah6_input __P((struct mbuf **, int *, int));
 #endif /* INET6 */
 
 extern int ah_enable;
diff --git a/sys/netinet/ip_esp.h b/sys/netinet/ip_esp.h
index 3cd5c4b1902..578764a2451 100644
--- a/sys/netinet/ip_esp.h
+++ b/sys/netinet/ip_esp.h
@@ -1,4 +1,4 @@
-/*	$OpenBSD: ip_esp.h,v 1.27 1999/12/25 07:09:42 angelos Exp $	*/
+/*	$OpenBSD: ip_esp.h,v 1.28 1999/12/31 22:19:43 itojun Exp $	*/
 
 /*
  * The authors of this code are John Ioannidis (ji@tla.org),
@@ -97,7 +97,7 @@ int	esp_output __P((struct mbuf *, struct tdb *, struct mbuf **));
 int	esp_sysctl __P((int *, u_int, void *, size_t *, void *, size_t));
 
 #ifdef INET6
-int	esp6_input __P((struct mbuf *, ...));
+int	esp6_input __P((struct mbuf **, int *, int));
 #endif /* INET6 */
 
 extern int esp_enable;
diff --git a/sys/netinet/ipsec_input.c b/sys/netinet/ipsec_input.c
index aada36e372e..df1876b990f 100644
--- a/sys/netinet/ipsec_input.c
+++ b/sys/netinet/ipsec_input.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: ipsec_input.c,v 1.2 1999/12/25 07:09:43 angelos Exp $	*/
+/*	$OpenBSD: ipsec_input.c,v 1.3 1999/12/31 22:19:43 itojun Exp $	*/
 
 /*
  * The authors of this code are John Ioannidis (ji@tla.org),
@@ -570,41 +570,51 @@ esp_input(struct mbuf *m, ...)
 #ifdef INET6
 /* IPv6 AH wrapper */
 int
-ah6_input(struct mbuf *m, ...)
+ah6_input(struct mbuf **mp, int *offp, int proto)
 {
-    int *skip, protoff;
+    struct mbuf *m = *mp;
+    int protoff;
+    u_int8_t nxt;
 
-    va_list ap;
-	
-    va_start(ap, m);
-    skip = va_arg(ap, int *);
-    protoff = va_arg(ap, int);
-    va_end(ap);
+    /*
+     * XXX assuming that it is first hdr, i.e.
+     * offp == sizeof(struct ip6_hdr)
+     */
+    if (*offp != sizeof(struct ip6_hdr)) {
+	m_freem(m);
+	return IPPROTO_DONE;	/* not quite */
+    }
 
-    ipsec_common_input(m, *skip, protoff, AF_INET6, IPPROTO_AH);
+    protoff = offsetof(struct ip6_hdr, ip6_nxt);
+    ipsec_common_input(m, *offp, protoff, AF_INET6, proto);
 
     /* Retrieve new protocol */
-    m_copydata(m, protoff, sizeof(u_int8_t), (caddr_t) &protoff);
-    return protoff;
+    m_copydata(m, protoff, sizeof(u_int8_t), (caddr_t) &nxt);
+    return nxt;
 }
 
 /* IPv6 ESP wrapper */
 int
-esp6_input(struct mbuf *m, ...)
+esp6_input(struct mbuf **mp, int *offp, int proto)
 {
-    int *skip, protoff;
+    struct mbuf *m = *mp;
+    int protoff;
+    u_int8_t nxt;
 
-    va_list ap;
-	
-    va_start(ap, m);
-    skip = va_arg(ap, int *);
-    protoff = va_arg(ap, int);
-    va_end(ap);
+    /*
+     * XXX assuming that it is first hdr, i.e.
+     * offp == sizeof(struct ip6_hdr)
+     */
+    if (*offp != sizeof(struct ip6_hdr)) {
+	m_freem(m);
+	return IPPROTO_DONE;	/* not quite */
+    }
 
-    ipsec_common_input(m, *skip, protoff, AF_INET6, IPPROTO_ESP);
+    protoff = offsetof(struct ip6_hdr, ip6_nxt);
+    ipsec_common_input(m, *offp, protoff, AF_INET6, proto);
 
     /* Retrieve new protocol */
-    m_copydata(m, protoff, sizeof(u_int8_t), (caddr_t) &protoff);
-    return protoff;
+    m_copydata(m, protoff, sizeof(u_int8_t), (caddr_t) &nxt);
+    return nxt;
 }
 #endif /* INET6 */