diff options
-rw-r--r-- | sbin/isakmpd/pf_key_v2.c | 37 |
1 files changed, 20 insertions, 17 deletions
diff --git a/sbin/isakmpd/pf_key_v2.c b/sbin/isakmpd/pf_key_v2.c index e4d93821a6a..50da51afa7d 100644 --- a/sbin/isakmpd/pf_key_v2.c +++ b/sbin/isakmpd/pf_key_v2.c @@ -1,4 +1,4 @@ -/* $OpenBSD: pf_key_v2.c,v 1.137 2003/11/06 16:12:07 ho Exp $ */ +/* $OpenBSD: pf_key_v2.c,v 1.138 2004/03/10 09:28:46 ho Exp $ */ /* $EOM: pf_key_v2.c,v 1.79 2000/12/12 00:33:19 niklas Exp $ */ /* @@ -1315,22 +1315,25 @@ pf_key_v2_set_spi (struct sa *sa, struct proto *proto, int incoming, if (proto->proto != IPSEC_PROTO_IPCOMP) { /* Setup the KEY extensions. */ - len = sizeof *key + PF_KEY_V2_ROUND (hashlen); - key = malloc (len); - if (!key) - goto cleanup; - key->sadb_key_exttype = SADB_EXT_KEY_AUTH; - key->sadb_key_len = len / PF_KEY_V2_CHUNK; - key->sadb_key_bits = hashlen * 8; - key->sadb_key_reserved = 0; - memcpy (key + 1, - iproto->keymat[incoming] - + (proto->proto == IPSEC_PROTO_IPSEC_ESP ? keylen : 0), - hashlen); - if (pf_key_v2_msg_add (update, (struct sadb_ext *)key, - PF_KEY_V2_NODE_MALLOCED) == -1) - goto cleanup; - key = 0; + if (hashlen) + { + len = sizeof *key + PF_KEY_V2_ROUND (hashlen); + key = malloc (len); + if (!key) + goto cleanup; + key->sadb_key_exttype = SADB_EXT_KEY_AUTH; + key->sadb_key_len = len / PF_KEY_V2_CHUNK; + key->sadb_key_bits = hashlen * 8; + key->sadb_key_reserved = 0; + memcpy (key + 1, + iproto->keymat[incoming] + + (proto->proto == IPSEC_PROTO_IPSEC_ESP ? keylen : 0), + hashlen); + if (pf_key_v2_msg_add (update, (struct sadb_ext *)key, + PF_KEY_V2_NODE_MALLOCED) == -1) + goto cleanup; + key = 0; + } if (keylen) { |