From: angelos Date: Thu, 30 Mar 2000 06:17:56 +0000 (+0000) Subject: Only allocate space for a copy of the authenticator if authentication X-Git-Url: http://artulab.com/gitweb/?a=commitdiff_plain;h=a713ebee10425fe155812bc2be4ef41ddc84c68a;p=openbsd Only allocate space for a copy of the authenticator if authentication is in use. --- diff --git a/sys/netinet/ip_esp.c b/sys/netinet/ip_esp.c index 729bb8bab8d..28fc007abce 100644 --- a/sys/netinet/ip_esp.c +++ b/sys/netinet/ip_esp.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ip_esp.c,v 1.38 2000/03/29 07:19:50 angelos Exp $ */ +/* $OpenBSD: ip_esp.c,v 1.39 2000/03/30 06:17:56 angelos Exp $ */ /* * The authors of this code are John Ioannidis (ji@tla.org), @@ -390,6 +390,20 @@ esp_input(struct mbuf *m, struct tdb *tdb, int skip, int protoff) crda->crd_alg = esph->type; crda->crd_key = tdb->tdb_amxkey; crda->crd_klen = tdb->tdb_amxkeylen * 8; + + /* Keep a copy of the authenticator */ + MALLOC(crp->crp_opaque4, caddr_t, alen, M_XDATA, M_DONTWAIT); + if (crp->crp_opaque4 == 0) + { + m_freem(m); + crypto_freereq(crp); + DPRINTF(("esp_input(): failed to allocate auth array\n")); + espstat.esps_crypto++; + return ENOBUFS; + } + + /* Copy the authenticator */ + m_copydata(m, m->m_pkthdr.len - alen, alen, crp->crp_opaque4); } else crde = crp->crp_desc; @@ -433,19 +447,6 @@ esp_input(struct mbuf *m, struct tdb *tdb, int skip, int protoff) /* XXX Rounds ? */ } - MALLOC(crp->crp_opaque4, caddr_t, alen, M_XDATA, M_DONTWAIT); - if (crp->crp_opaque4 == 0) - { - m_freem(m); - crypto_freereq(crp); - DPRINTF(("esp_input(): failed to allocate auth array\n")); - espstat.esps_crypto++; - return ENOBUFS; - } - - /* Copy the authenticator */ - m_copydata(m, m->m_pkthdr.len - alen, alen, crp->crp_opaque4); - return crypto_dispatch(crp); }