diff options
| author | Bjoern A. Zeeb <bz@FreeBSD.org> | 2007-06-15 21:32:51 +0000 |
|---|---|---|
| committer | Bjoern A. Zeeb <bz@FreeBSD.org> | 2007-06-15 21:32:51 +0000 |
| commit | f4760821dbe9934086f47ce9df51d43f2ca7d929 (patch) | |
| tree | 7e360929e6e1741a7bc7ff0dba76604481359e41 /sys/netipsec/ipsec_input.c | |
| parent | b9e7085a57599e8e9c76c1b46b3f3f556d7725c4 (diff) | |
Notes
Diffstat (limited to 'sys/netipsec/ipsec_input.c')
| -rw-r--r-- | sys/netipsec/ipsec_input.c | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/sys/netipsec/ipsec_input.c b/sys/netipsec/ipsec_input.c index 33685602e3f3..2587f64843b7 100644 --- a/sys/netipsec/ipsec_input.c +++ b/sys/netipsec/ipsec_input.c @@ -116,6 +116,10 @@ ipsec_common_input(struct mbuf *m, int skip, int protoff, int af, int sproto) IPSEC_ASSERT(m != NULL, ("null packet")); + IPSEC_ASSERT(sproto == IPPROTO_ESP || sproto == IPPROTO_AH || + sproto == IPPROTO_IPCOMP, + ("unexpected security protocol %u", sproto)); + if ((sproto == IPPROTO_ESP && !esp_enable) || (sproto == IPPROTO_AH && !ah_enable) || (sproto == IPPROTO_IPCOMP && !ipcomp_enable)) { |