In ipsec_common_input_cb() pass mbuf pointer to pf_test() so that

author bluhm <bluhm@openbsd.org>

Mon, 1 Nov 2021 09:19:10 +0000 (09:19 +0000)

committer bluhm <bluhm@openbsd.org>

Mon, 1 Nov 2021 09:19:10 +0000 (09:19 +0000)
author bluhm <bluhm@openbsd.org>
Mon, 1 Nov 2021 09:19:10 +0000 (09:19 +0000)
committer bluhm <bluhm@openbsd.org>
Mon, 1 Nov 2021 09:19:10 +0000 (09:19 +0000)
diff --git a/sys/netinet/ipsec_input.c b/sys/netinet/ipsec_input.c

index 9711e52..6f575d4 100644 (file)
--- a/sys/netinet/ipsec_input.c
+++ b/sys/netinet/ipsec_input.c
@@ -1,4 +1,4 @@
-/*     $OpenBSD: ipsec_input.c,v 1.189 2021/10/24 22:59:47 bluhm Exp $ */
+/*     $OpenBSD: ipsec_input.c,v 1.190 2021/11/01 09:19:10 bluhm Exp $ */
  /*
   * The authors of this code are John Ioannidis (ji@tla.org),
   * Angelos D. Keromytis (kermit@csd.uch.gr) and
@@ -623,10 +623,11 @@ ipsec_common_input_cb(struct mbuf **mp, struct tdb *tdbp, int skip, int protoff)
                 if ((ifp = if_get(m->m_pkthdr.ph_ifidx)) == NULL) {
                         goto baddone;
                 }
-               if (pf_test(af, PF_IN, ifp, &m) != PF_PASS) {
+               if (pf_test(af, PF_IN, ifp, mp) != PF_PASS) {
                         if_put(ifp);
                         goto baddone;
                 }
+               m = *mp;
                 if_put(ifp);
                 if (m == NULL)
                         return 0;
author	bluhm <bluhm@openbsd.org>
	Mon, 1 Nov 2021 09:19:10 +0000 (09:19 +0000)
committer	bluhm <bluhm@openbsd.org>
	Mon, 1 Nov 2021 09:19:10 +0000 (09:19 +0000)