Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

===================================================================
RCS file: /ftp/cvs/cvsroot/src/sys/netinet/udp_usrreq.c,v
rcsdiff: /ftp/cvs/cvsroot/src/sys/netinet/udp_usrreq.c,v: warning: Unknown phrases like `commitid ...;' are present.
retrieving revision 1.134.2.6
retrieving revision 1.135
diff -u -p -r1.134.2.6 -r1.135
--- src/sys/netinet/udp_usrreq.c	2005/12/29 16:10:18	1.134.2.6
+++ src/sys/netinet/udp_usrreq.c	2005/04/18 21:50:25	1.135
@@ -1,4 +1,4 @@
-/*	$NetBSD: udp_usrreq.c,v 1.134.2.6 2005/12/29 16:10:18 riz Exp $	*/
+/*	$NetBSD: udp_usrreq.c,v 1.135 2005/04/18 21:50:25 yamt Exp $	*/
 
 /*
  * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
@@ -61,7 +61,7 @@
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: udp_usrreq.c,v 1.134.2.6 2005/12/29 16:10:18 riz Exp $");
+__KERNEL_RCSID(0, "$NetBSD: udp_usrreq.c,v 1.135 2005/04/18 21:50:25 yamt Exp $");
 
 #include "opt_inet.h"
 #include "opt_ipsec.h"
@@ -152,13 +152,13 @@ struct	udpstat udpstat;
 
 #ifdef INET
 #ifdef IPSEC_NAT_T
-static int udp4_espinudp (struct mbuf **, int, struct sockaddr *,
+static int udp4_espinudp (struct mbuf *, int, struct sockaddr *,
 	struct socket *);
 #endif
 static void udp4_sendup (struct mbuf *, int, struct sockaddr *,
 	struct socket *);
 static int udp4_realinput (struct sockaddr_in *, struct sockaddr_in *,
-	struct mbuf **, int);
+	struct mbuf *, int);
 static int udp4_input_checksum(struct mbuf *, const struct udphdr *, int, int);
 #endif
 #ifdef INET6
@@ -382,10 +382,7 @@ udp_input(struct mbuf *m, ...)
 	bcopy(&ip->ip_dst, &dst.sin_addr, sizeof(dst.sin_addr));
 	dst.sin_port = uh->uh_dport;
 
-	if ((n = udp4_realinput(&src, &dst, &m, iphlen)) == -1) {
-		udpstat.udps_hdrops++;
-		return;
-	}
+	n = udp4_realinput(&src, &dst, m, iphlen);
 #ifdef INET6
 	if (IN_MULTICAST(ip->ip_dst.s_addr) || n == 0) {
 		struct sockaddr_in6 src6, dst6;
@@ -662,14 +659,13 @@ udp6_sendup(struct mbuf *m, int off /* o
 #ifdef INET
 static int
 udp4_realinput(struct sockaddr_in *src, struct sockaddr_in *dst,
-	struct mbuf **mp, int off /* offset of udphdr */)
+	struct mbuf *m, int off /* offset of udphdr */)
 {
 	u_int16_t *sport, *dport;
 	int rcvcnt;
 	struct in_addr *src4, *dst4;
 	struct inpcb_hdr *inph;
 	struct inpcb *inp;
-	struct mbuf *m = *mp;
 
 	rcvcnt = 0;
 	off += sizeof(struct udphdr);	/* now, offset of payload */
@@ -757,26 +753,12 @@ udp4_realinput(struct sockaddr_in *src, 
 		if (inp->inp_flags & INP_ESPINUDP_ALL) {
 			struct sockaddr *sa = (struct sockaddr *)src;
 
-			switch(udp4_espinudp(mp, off, sa, inp->inp_socket)) {
-			case -1: 	/* Error, m was freeed */
-				rcvcnt = -1;
-				goto bad;
-				break;
-
-			case 1:		/* ESP over UDP */
+			if (udp4_espinudp(m, off, sa, inp->inp_socket) != 0) {
 				rcvcnt++;
 				goto bad;
-				break;
-
-			case 0: 	/* plain UDP */
-			default: 	/* Unexpected */
-				/* 
-				 * Normal UDP processing will take place 
-				 * m may have changed.
-				 */
-				m = *mp;
-				break;
 			}
+
+			/* Normal UDP processing will take place */
 		}
 #endif
 
@@ -1359,11 +1341,10 @@ SYSCTL_SETUP(sysctl_net_inet_udp_setup, 
  * Returns:
  * 1 if the packet was processed
  * 0 if normal UDP processing should take place
- * -1 if an error occurent and m was freed
  */
 static int
-udp4_espinudp(mp, off, src, so)
-	struct mbuf **mp;
+udp4_espinudp(m, off, src, so)
+	struct mbuf *m;
 	int off;
 	struct sockaddr *src;
 	struct socket *so;
@@ -1376,10 +1357,6 @@ udp4_espinudp(mp, off, src, so)
 	size_t iphdrlen;
 	struct ip *ip;
 	struct mbuf *n;
-	struct m_tag *tag;
-	struct udphdr *udphdr;
-	u_int16_t sport, dport;
-	struct mbuf *m = *mp;
 
 	/*
 	 * Collapse the mbuf chain if the first mbuf is too short
@@ -1390,11 +1367,10 @@ udp4_espinudp(mp, off, src, so)
 		minlen = m->m_pkthdr.len;
 
 	if (m->m_len < minlen) {
-		if ((*mp = m_pullup(m, minlen)) == NULL) {
+		if ((m = m_pullup(m, minlen)) == NULL) {
 			printf("udp4_espinudp: m_pullup failed\n");
-			return -1;
+			return 0;
 		}
-		m = *mp;
 	}
 
 	len = m->m_len - off;
@@ -1421,24 +1397,16 @@ udp4_espinudp(mp, off, src, so)
 	}
 
 	if (inp->inp_flags & INP_ESPINUDP_NON_IKE) {
-		u_int32_t *st = (u_int32_t *)data;
+		u_int64_t *st = (u_int64_t *)data;
 
 		if ((len <= sizeof(u_int64_t) + sizeof(struct esp))
-		    || ((st[0] | st[1]) != 0))
+		    || (*st != 0))
 			return 0; /* Normal UDP processing */
 
 		skip = sizeof(struct udphdr) + sizeof(u_int64_t);
 	}
 
 	/*
-	 * Get the UDP ports. They are handled in network 
-	 * order everywhere in IPSEC_NAT_T code.
-	 */
-	udphdr = (struct udphdr *)(data - skip);
-	sport = udphdr->uh_sport;
-	dport = udphdr->uh_dport;
-
-	/*
 	 * Remove the UDP header (and possibly the non ESP marker)
 	 * IP header lendth is iphdrlen
 	 * Before:
@@ -1471,22 +1439,6 @@ udp4_espinudp(mp, off, src, so)
 		return 0;
 	}
 
-	/*
-	 * Add a PACKET_TAG_IPSEC_NAT_T_PORT tag to remember
-	 * the source UDP port. This is required if we want
-	 * to select the right SPD for multiple hosts behind 
-	 * same NAT 
-	 */
-	if ((tag = m_tag_get(PACKET_TAG_IPSEC_NAT_T_PORTS,
-	    sizeof(sport) + sizeof(dport), M_DONTWAIT)) == NULL) {
-		printf("udp4_espinudp: m_tag_get failed\n");
-		m_freem(n);
-		return 0;
-	}
-	((u_int16_t *)(tag + 1))[0] = sport;
-	((u_int16_t *)(tag + 1))[1] = dport;
-	m_tag_prepend(n, tag);
-
 	esp4_input(n, iphdrlen);
 
 	/* We handled it, it shoudln't be handled by UDP */