diff options
-rw-r--r-- | sys/netinet/ipsec_output.c | 9 |
1 files changed, 6 insertions, 3 deletions
diff --git a/sys/netinet/ipsec_output.c b/sys/netinet/ipsec_output.c index da7dcfb47b6..d14e0abe205 100644 --- a/sys/netinet/ipsec_output.c +++ b/sys/netinet/ipsec_output.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ipsec_output.c,v 1.28 2003/12/02 23:16:29 markus Exp $ */ +/* $OpenBSD: ipsec_output.c,v 1.29 2004/06/21 23:11:39 markus Exp $ */ /* * The author of this code is Angelos D. Keromytis (angelos@cis.upenn.edu) * @@ -340,11 +340,14 @@ ipsp_process_done(struct mbuf *m, struct tdb *tdb) tdb->tdb_last_used = time.tv_sec; - if (udpencap_enable && udpencap_port && - (tdb->tdb_flags & TDBF_UDPENCAP) != 0) { + if ((tdb->tdb_flags & TDBF_UDPENCAP) != 0) { struct mbuf *mi; struct udphdr *uh; + if (!udpencap_enable || !udpencap_port) { + m_freem(m); + return ENXIO; + } mi = m_inject(m, sizeof(struct ip), sizeof(struct udphdr), M_DONTWAIT); if (mi == NULL) { |