Index: sys/netproto/ipsec/ipsec.c
===================================================================
RCS file: /home/dcvs/src/sys/netproto/ipsec/ipsec.c,v
retrieving revision 1.13
diff -u -r1.13 ipsec.c
--- sys/netproto/ipsec/ipsec.c	14 Jan 2006 13:36:40 -0000	1.13
+++ sys/netproto/ipsec/ipsec.c	22 Apr 2006 12:01:51 -0000
@@ -672,7 +672,7 @@
 			spidx->dst.sin.sin_port = uh.uh_dport;
 			return;
 		case IPPROTO_AH:
-			if (m->m_pkthdr.len > off + sizeof(ip6e))
+			if (off + sizeof(ip6e) > m->m_pkthdr.len)
 				goto done;
 			/* XXX sigh, this works but is totally bogus */
 			m_copydata(m, off, sizeof(ip6e), (caddr_t) &ip6e);
Index: sys/netproto/ipsec/keysock.c
===================================================================
RCS file: /home/dcvs/src/sys/netproto/ipsec/keysock.c,v
retrieving revision 1.11
diff -u -r1.11 keysock.c
--- sys/netproto/ipsec/keysock.c	14 Jan 2006 13:36:40 -0000	1.11
+++ sys/netproto/ipsec/keysock.c	19 Apr 2006 18:00:36 -0000
@@ -48,6 +48,7 @@
 #include <sys/socketvar.h>
 #include <sys/sysctl.h>
 #include <sys/systm.h>
+#include <sys/thread2.h>
 
 #include <net/raw_cb.h>
 #include <net/route.h>
Index: sys/netproto/ipsec/xform_ipcomp.c
===================================================================
RCS file: /home/dcvs/src/sys/netproto/ipsec/xform_ipcomp.c,v
retrieving revision 1.7
diff -u -r1.7 xform_ipcomp.c
--- sys/netproto/ipsec/xform_ipcomp.c	10 Jun 2005 23:59:31 -0000	1.7
+++ sys/netproto/ipsec/xform_ipcomp.c	19 Apr 2006 17:46:55 -0000
@@ -40,6 +40,7 @@
 #include <sys/kernel.h>
 #include <sys/protosw.h>
 #include <sys/sysctl.h>
+#include <sys/thread2.h>
 
 #include <netinet/in.h>
 #include <netinet/in_systm.h>