Make sure that either inp is NULL or we have obtained a lock on it before

jumping to dropunlock to avoid a panic.  While here move the calls to
ipsec4_in_reject() and ipsec6_in_reject() so they are after we obtain
the lock on inp.

Original patch to avoid panic:	pjd
Review of locking adjustments:	gnn, sam
Approved by:			re (rwatson)

1 files changed, 13 insertions, 13 deletions

diff --git a/sys/netinet/tcp_input.c b/sys/netinet/tcp_input.c
index 42d8147..f114bfd 100644
--- a/sys/netinet/tcp_input.c
+++ b/sys/netinet/tcp_input.c
@@ -448,19 +448,6 @@ findpcb:
 						m->m_pkthdr.rcvif);
 	}
 
-#ifdef IPSEC
-#ifdef INET6
-	if (isipv6 && inp != NULL && ipsec6_in_reject(m, inp)) {
-		ipsec6stat.in_polvio++;
-		goto dropunlock;
-	} else
-#endif /* INET6 */
-	if (inp != NULL && ipsec4_in_reject(m, inp)) {
-		ipsec4stat.in_polvio++;
-		goto dropunlock;
-	}
-#endif /* IPSEC */
-
 	/*
 	 * If the INPCB does not exist then all data in the incoming
 	 * segment is discarded and an appropriate RST is sent back.
@@ -489,6 +476,19 @@ findpcb:
 	}
 	INP_LOCK(inp);
 
+#ifdef IPSEC
+#ifdef INET6
+	if (isipv6 && ipsec6_in_reject(m, inp)) {
+		ipsec6stat.in_polvio++;
+		goto dropunlock;
+	} else
+#endif /* INET6 */
+	if (ipsec4_in_reject(m, inp) != 0) {
+		ipsec4stat.in_polvio++;
+		goto dropunlock;
+	}
+#endif /* IPSEC */
+
 	/*
 	 * Check the minimum TTL for socket.
 	 */