Fixed problem with authenticator length checking.

author angelos <angelos@openbsd.org>

Sat, 22 Feb 1997 11:34:46 +0000 (11:34 +0000)

committer angelos <angelos@openbsd.org>

Sat, 22 Feb 1997 11:34:46 +0000 (11:34 +0000)
author angelos <angelos@openbsd.org>
Sat, 22 Feb 1997 11:34:46 +0000 (11:34 +0000)
committer angelos <angelos@openbsd.org>
Sat, 22 Feb 1997 11:34:46 +0000 (11:34 +0000)
diff --git a/sys/netinet/ip_ahhmacmd5.c b/sys/netinet/ip_ahhmacmd5.c

index c4ddea1..1ee56be 100644 (file)
--- a/sys/netinet/ip_ahhmacmd5.c
+++ b/sys/netinet/ip_ahhmacmd5.c
@@ -189,7 +189,7 @@ ahhmacmd5_input(struct mbuf *m, struct tdb *tdb)
          else
            ado = 0;
  
-        if (ah->ah_hl != xd->amx_alen + ado)
+        if (ah->ah_hl * sizeof(u_int32_t) != xd->amx_alen + ado)
          {
  #ifdef ENCDEBUG
                  if (encdebug)
diff --git a/sys/netinet/ip_ahhmacsha1.c b/sys/netinet/ip_ahhmacsha1.c

index 6e66955..9a9d4e3 100644 (file)
--- a/sys/netinet/ip_ahhmacsha1.c
+++ b/sys/netinet/ip_ahhmacsha1.c
@@ -189,7 +189,7 @@ ahhmacsha1_input(struct mbuf *m, struct tdb *tdb)
          else
            ado = 0;
  
-        if (ah->ah_hl != xd->amx_alen + ado)
+        if (ah->ah_hl * sizeof(u_int32_t) != xd->amx_alen + ado)
          {
  #ifdef ENCDEBUG
                  if (encdebug)
author	angelos <angelos@openbsd.org>
	Sat, 22 Feb 1997 11:34:46 +0000 (11:34 +0000)
committer	angelos <angelos@openbsd.org>
	Sat, 22 Feb 1997 11:34:46 +0000 (11:34 +0000)
sys/netinet/ip_ahhmacmd5.c		patch \| blob \| history
sys/netinet/ip_ahhmacsha1.c		patch \| blob \| history