diff options
| author | Niels Provos <provos@cvs.openbsd.org> | 1997-11-18 00:12:16 +0000 |
|---|---|---|
| committer | Niels Provos <provos@cvs.openbsd.org> | 1997-11-18 00:12:16 +0000 |
| commit | c08df90be197464bc742f0b0dc596cb7b7da823e (patch) | |
| tree | cba8343151046e439bdf5d394cfbb7955ef60c79 /sys | |
| parent | 61e7274ed74e58cca74d83765d38666c5b9903ee (diff) | |
make old style padding default again.
Diffstat (limited to 'sys')
| -rw-r--r-- | sys/netinet/ip_esp.h | 4 | ||||
| -rw-r--r-- | sys/netinet/ip_esp_new.c | 14 |
2 files changed, 9 insertions, 9 deletions
diff --git a/sys/netinet/ip_esp.h b/sys/netinet/ip_esp.h index 16c7c0b77b3..c28421c1d60 100644 --- a/sys/netinet/ip_esp.h +++ b/sys/netinet/ip_esp.h @@ -1,4 +1,4 @@ -/* $OpenBSD: ip_esp.h,v 1.14 1997/11/04 09:11:10 provos Exp $ */ +/* $OpenBSD: ip_esp.h,v 1.15 1997/11/18 00:12:14 provos Exp $ */ /* * The author of this code is John Ioannidis, ji@tla.org, @@ -160,7 +160,7 @@ struct esp_new_xencap #define ESP_NEW_XENCAP_LEN (6 * sizeof(u_int32_t)) #define ESP_NEW_FLAG_AUTH 0x00000001 /* Doing authentication too */ -#define ESP_NEW_FLAG_OPADDING 0x00000002 /* Old style padding */ +#define ESP_NEW_FLAG_NPADDING 0x00000002 /* New style padding */ struct esp_new_xdata { diff --git a/sys/netinet/ip_esp_new.c b/sys/netinet/ip_esp_new.c index c442cdda2f7..f5d709a50f5 100644 --- a/sys/netinet/ip_esp_new.c +++ b/sys/netinet/ip_esp_new.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ip_esp_new.c,v 1.11 1997/11/15 00:07:08 deraadt Exp $ */ +/* $OpenBSD: ip_esp_new.c,v 1.12 1997/11/18 00:12:15 provos Exp $ */ /* * The author of this code is John Ioannidis, ji@tla.org, @@ -727,7 +727,7 @@ esp_new_input(struct mbuf *m, struct tdb *tdb) * Verify correct decryption by checking the last padding bytes. */ - if (xd->edx_flags & ESP_NEW_FLAG_OPADDING) + if ((xd->edx_flags & ESP_NEW_FLAG_NPADDING) == 0) { if ((blk[6] != blk[5]) && (blk[6] != 0)) { @@ -782,7 +782,7 @@ esp_new_input(struct mbuf *m, struct tdb *tdb) ipo.ip_len += (ipo.ip_hl << 2) - 2 * sizeof(u_int32_t) - xd->edx_ivlen - blk[6] - 1 - alen; - if (xd->edx_flags & ESP_NEW_FLAG_OPADDING) + if ((xd->edx_flags & ESP_NEW_FLAG_NPADDING) == 0) ipo.ip_len -= 1; ipo.ip_len = htons(ipo.ip_len); @@ -802,7 +802,7 @@ esp_new_input(struct mbuf *m, struct tdb *tdb) espstat.esps_ibytes += ntohs(ip->ip_len) - (ip->ip_hl << 2) + blk[6] + 1 + alen; - if (xd->edx_flags & ESP_NEW_FLAG_OPADDING) + if ((xd->edx_flags & ESP_NEW_FLAG_NPADDING) == 0) { tdb->tdb_cur_bytes++; espstat.esps_ibytes++; @@ -950,10 +950,10 @@ esp_new_output(struct mbuf *m, struct sockaddr_encap *gw, struct tdb *tdb, for (i = 0; i < padding - 2; i++) pad[i] = i + 1; - if (xd->edx_flags & ESP_NEW_FLAG_OPADDING) - pad[padding - 2] = padding - 2; - else + if (xd->edx_flags & ESP_NEW_FLAG_NPADDING) pad[padding - 2] = padding - 1; + else + pad[padding - 2] = padding - 2; pad[padding - 1] = nh; |