lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Wed, 17 Oct 2007 21:36:03 -0700 (PDT)
From:	David Miller <davem@...emloft.net>
To:	herbert@...dor.apana.org.au
Cc:	yoshfuji@...ux-ipv6.org, kaber@...sh.net, netdev@...r.kernel.org
Subject: Re: [PATCH 11/11] [IPSEC]: Rename mode to outer_mode and add
 inner_mode

From: Herbert Xu <herbert@...dor.apana.org.au>
Date: Wed, 17 Oct 2007 23:26:02 +0800

> On Wed, Oct 17, 2007 at 10:34:19PM +0800, Herbert Xu wrote:
> > [IPSEC]: Rename mode to outer_mode and add inner_mode
> 
> Oops.  This patch is missing two files.  Here is the correct
> version.
> 
> Cheers,
> -- 
> Visit Openswan at http://www.openswan.org/
> Email: Herbert Xu ~{PmV>HI~} <herbert@...dor.apana.org.au>
> Home Page: http://gondor.apana.org.au/~herbert/
> PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
> --
> [IPSEC]: Rename mode to outer_mode and add inner_mode
> 
> This patch adds a new field to xfrm states called inner_mode.  The existing
> mode object is renamed to outer_mode.
> 
> This is the first part of an attempt to fix inter-family transforms.  As it
> is we always use the outer family when determining which mode to use.  As a
> result we may end up shoving IPv4 packets into netfilter6 and vice versa.
> 
> What we really want is to use the inner family for the first part of outbound
> processing and the outer family for the second part.  For inbound processing
> we'd use the opposite pairing.
> 
> I've also added a check to prevent silly combinations such as transport mode
> with inter-family transforms.
> 
> Signed-off-by: Herbert Xu <herbert@...dor.apana.org.au>

Applied, thanks Herbert.
-
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ