diff options
| -rw-r--r-- | sys/netinet/ip_esp.c | 29 |
1 files changed, 15 insertions, 14 deletions
diff --git a/sys/netinet/ip_esp.c b/sys/netinet/ip_esp.c index 729bb8bab8d..28fc007abce 100644 --- a/sys/netinet/ip_esp.c +++ b/sys/netinet/ip_esp.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ip_esp.c,v 1.38 2000/03/29 07:19:50 angelos Exp $ */ +/* $OpenBSD: ip_esp.c,v 1.39 2000/03/30 06:17:56 angelos Exp $ */ /* * The authors of this code are John Ioannidis (ji@tla.org), @@ -390,6 +390,20 @@ esp_input(struct mbuf *m, struct tdb *tdb, int skip, int protoff) crda->crd_alg = esph->type; crda->crd_key = tdb->tdb_amxkey; crda->crd_klen = tdb->tdb_amxkeylen * 8; + + /* Keep a copy of the authenticator */ + MALLOC(crp->crp_opaque4, caddr_t, alen, M_XDATA, M_DONTWAIT); + if (crp->crp_opaque4 == 0) + { + m_freem(m); + crypto_freereq(crp); + DPRINTF(("esp_input(): failed to allocate auth array\n")); + espstat.esps_crypto++; + return ENOBUFS; + } + + /* Copy the authenticator */ + m_copydata(m, m->m_pkthdr.len - alen, alen, crp->crp_opaque4); } else crde = crp->crp_desc; @@ -433,19 +447,6 @@ esp_input(struct mbuf *m, struct tdb *tdb, int skip, int protoff) /* XXX Rounds ? */ } - MALLOC(crp->crp_opaque4, caddr_t, alen, M_XDATA, M_DONTWAIT); - if (crp->crp_opaque4 == 0) - { - m_freem(m); - crypto_freereq(crp); - DPRINTF(("esp_input(): failed to allocate auth array\n")); - espstat.esps_crypto++; - return ENOBUFS; - } - - /* Copy the authenticator */ - m_copydata(m, m->m_pkthdr.len - alen, alen, crp->crp_opaque4); - return crypto_dispatch(crp); } |