summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--sys/netinet/ip_ah.c9
-rw-r--r--sys/netinet/ip_esp.c9
2 files changed, 14 insertions, 4 deletions
diff --git a/sys/netinet/ip_ah.c b/sys/netinet/ip_ah.c
index ef632660fcb..b6ca4aabb67 100644
--- a/sys/netinet/ip_ah.c
+++ b/sys/netinet/ip_ah.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ip_ah.c,v 1.79 2003/08/14 19:00:12 jason Exp $ */
+/* $OpenBSD: ip_ah.c,v 1.80 2005/05/27 18:23:18 markus Exp $ */
/*
* The authors of this code are John Ioannidis (ji@tla.org),
* Angelos D. Keromytis (kermit@csd.uch.gr) and
@@ -494,7 +494,6 @@ int
ah_input(struct mbuf *m, struct tdb *tdb, int skip, int protoff)
{
struct auth_hash *ahx = (struct auth_hash *) tdb->tdb_authalgxform;
- struct tdb_ident *tdbi;
struct tdb_crypto *tc;
struct m_tag *mtag;
u_int32_t btsx;
@@ -606,10 +605,13 @@ ah_input(struct mbuf *m, struct tdb *tdb, int skip, int protoff)
crda->crd_key = tdb->tdb_amxkey;
crda->crd_klen = tdb->tdb_amxkeylen * 8;
+#ifdef notyet
/* Find out if we've already done crypto. */
for (mtag = m_tag_find(m, PACKET_TAG_IPSEC_IN_CRYPTO_DONE, NULL);
mtag != NULL;
mtag = m_tag_find(m, PACKET_TAG_IPSEC_IN_CRYPTO_DONE, mtag)) {
+ struct tdb_ident *tdbi;
+
tdbi = (struct tdb_ident *) (mtag + 1);
if (tdbi->proto == tdb->tdb_sproto &&
tdbi->spi == tdb->tdb_spi &&
@@ -617,6 +619,9 @@ ah_input(struct mbuf *m, struct tdb *tdb, int skip, int protoff)
sizeof(union sockaddr_union)))
break;
}
+#else
+ mtag = NULL;
+#endif
/* Allocate IPsec-specific opaque crypto info. */
if (mtag == NULL)
diff --git a/sys/netinet/ip_esp.c b/sys/netinet/ip_esp.c
index 26f2a1eff29..de2894d89c6 100644
--- a/sys/netinet/ip_esp.c
+++ b/sys/netinet/ip_esp.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ip_esp.c,v 1.90 2005/05/25 05:47:53 markus Exp $ */
+/* $OpenBSD: ip_esp.c,v 1.91 2005/05/27 18:23:18 markus Exp $ */
/*
* The authors of this code are John Ioannidis (ji@tla.org),
* Angelos D. Keromytis (kermit@csd.uch.gr) and
@@ -276,7 +276,6 @@ esp_input(struct mbuf *m, struct tdb *tdb, int skip, int protoff)
{
struct auth_hash *esph = (struct auth_hash *) tdb->tdb_authalgxform;
struct enc_xform *espx = (struct enc_xform *) tdb->tdb_encalgxform;
- struct tdb_ident *tdbi;
struct tdb_crypto *tc;
int plen, alen, hlen;
struct m_tag *mtag;
@@ -368,15 +367,21 @@ esp_input(struct mbuf *m, struct tdb *tdb, int skip, int protoff)
tdb->tdb_flags &= ~TDBF_SOFT_BYTES; /* Turn off checking */
}
+#ifdef notyet
/* Find out if we've already done crypto */
for (mtag = m_tag_find(m, PACKET_TAG_IPSEC_IN_CRYPTO_DONE, NULL);
mtag != NULL;
mtag = m_tag_find(m, PACKET_TAG_IPSEC_IN_CRYPTO_DONE, mtag)) {
+ struct tdb_ident *tdbi;
+
tdbi = (struct tdb_ident *) (mtag + 1);
if (tdbi->proto == tdb->tdb_sproto && tdbi->spi == tdb->tdb_spi &&
!bcmp(&tdbi->dst, &tdb->tdb_dst, sizeof(union sockaddr_union)))
break;
}
+#else
+ mtag = NULL;
+#endif
/* Get crypto descriptors */
crp = crypto_getreq(esph && espx ? 2 : 1);