[IPSEC]: Make AF_KEY allow NULL encryption.

de8c10fc · Joy Latten · David S. Miller · 903c788c · de8c10fc
Commit de8c10fc authored Feb 12, 2003 by Joy Latten Committed by David S. Miller Feb 12, 2003
Hide whitespace changes
Inline Side-by-side

Showing with 1 addition and 0 deletions

net/key/af_key.c net/key/af_key.c +1 -0

No files found.
--- a/net/key/af_key.c
+++ b/net/key/af_key.c
@@ -797,6 +797,7 @@ static struct xfrm_state * pfkey_msg2xfrm_state(struct sadb_msg *hdr,
 		return ERR_PTR(-EINVAL);
 	key = ext_hdrs[SADB_EXT_KEY_ENCRYPT-1];
 	if (key != NULL &&
+	    sa->sadb_sa_encrypt != SADB_EALG_NULL &&
 	    ((key->sadb_key_bits+7) / 8 == 0 ||
 	     (key->sadb_key_bits+7) / 8 > key->sadb_key_len * sizeof(uint64_t)))
 		return ERR_PTR(-EINVAL);