Aren
/
NetBSD
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

avoid unneeded malloc/free. sync w/kame

This commit is contained in:
itojun 2002-05-29 09:05:18 +00:00
parent 8b32b6b12c
commit 14dafa8f6a
1 changed files with 17 additions and 26 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

43
sys/netinet6/ah_input.c
View File

@ -1,4 +1,4 @@
/* $NetBSD: ah_input.c,v 1.32 2002/03/18 15:30:03 itojun Exp $ */
/* $NetBSD: ah_input.c,v 1.33 2002/05/29 09:05:18 itojun Exp $ */
/* $KAME: ah_input.c,v 1.64 2001/09/04 08:43:19 itojun Exp $ */
/*
@ -35,7 +35,7 @@
*/
#include <sys/cdefs.h>
__KERNEL_RCSID(0, "$NetBSD: ah_input.c,v 1.32 2002/03/18 15:30:03 itojun Exp $");
__KERNEL_RCSID(0, "$NetBSD: ah_input.c,v 1.33 2002/05/29 09:05:18 itojun Exp $");
#include "opt_inet.h"
@ -100,7 +100,7 @@ ah4_input(m, va_alist)
const struct ah_algorithm *algo;
size_t siz;
size_t siz1;
u_char *cksum;
u_char cksum[AH_MAXSUMSIZE];
struct secasvar *sav = NULL;
u_int16_t nxt;
size_t hlen;
@ -224,6 +224,12 @@ ah4_input(m, va_alist)
ipsecstat.in_inval++;
goto fail;
}
if (siz1 > sizeof(cksum)) {
ipseclog((LOG_NOTICE, "sum length too large: %s\n",
ipsec4_logpacketstr(ip, spi)));
ipsecstat.in_inval++;
goto fail;
}
#ifndef PULLDOWN_TEST
if (m->m_len < off + sizeof(struct ah) + sizoff + siz1) {
@ -267,13 +273,6 @@ ah4_input(m, va_alist)
* alright, it seems sane. now we are going to check the
* cryptographic checksum.
*/
cksum = malloc(siz1, M_TEMP, M_NOWAIT);
if (!cksum) {
ipseclog((LOG_DEBUG, "IPv4 AH input: "
"couldn't alloc temporary region for cksum\n"));
ipsecstat.in_inval++;
goto fail;
}
{
#if 1
@ -285,7 +284,6 @@ ah4_input(m, va_alist)
ip->ip_off = htons(ip->ip_off);
#endif
if (ah4_calccksum(m, (caddr_t)cksum, siz1, algo, sav)) {
free(cksum, M_TEMP);
ipsecstat.in_inval++;
goto fail;
}
@ -314,14 +312,11 @@ ah4_input(m, va_alist)
ipseclog((LOG_WARNING,
"checksum mismatch in IPv4 AH input: %s %s\n",
ipsec4_logpacketstr(ip, spi), ipsec_logsastr(sav)));
free(cksum, M_TEMP);
ipsecstat.in_ahauthfail++;
goto fail;
}
}
free(cksum, M_TEMP);
m->m_flags |= M_AUTHIPHDR;
m->m_flags |= M_AUTHIPDGM;
@ -634,7 +629,7 @@ ah6_input(mp, offp, proto)
const struct ah_algorithm *algo;
size_t siz;
size_t siz1;
u_char *cksum;
u_char cksum[AH_MAXSUMSIZE];
struct secasvar *sav = NULL;
u_int16_t nxt;
int s;
@ -724,6 +719,13 @@ ah6_input(mp, offp, proto)
ipsec6stat.in_inval++;
goto fail;
}
if (siz1 > sizeof(cksum)) {
ipseclog((LOG_NOTICE, "sum length too large: %s\n",
ipsec6_logpacketstr(ip6, spi)));
ipsec6stat.in_inval++;
goto fail;
}
#ifndef PULLDOWN_TEST
IP6_EXTHDR_CHECK(m, off, sizeof(struct ah) + sizoff + siz1, IPPROTO_DONE);
#else
@ -758,16 +760,8 @@ ah6_input(mp, offp, proto)
* alright, it seems sane. now we are going to check the
* cryptographic checksum.
*/
cksum = malloc(siz1, M_TEMP, M_NOWAIT);
if (!cksum) {
ipseclog((LOG_DEBUG, "IPv6 AH input: "
"couldn't alloc temporary region for cksum\n"));
ipsec6stat.in_inval++;
goto fail;
}
if (ah6_calccksum(m, (caddr_t)cksum, siz1, algo, sav)) {
free(cksum, M_TEMP);
ipsec6stat.in_inval++;
goto fail;
}
@ -788,14 +782,11 @@ ah6_input(mp, offp, proto)
ipseclog((LOG_WARNING,
"checksum mismatch in IPv6 AH input: %s %s\n",
ipsec6_logpacketstr(ip6, spi), ipsec_logsastr(sav)));
free(cksum, M_TEMP);
ipsec6stat.in_ahauthfail++;
goto fail;
}
}
free(cksum, M_TEMP);
m->m_flags |= M_AUTHIPHDR;
m->m_flags |= M_AUTHIPDGM;