lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Sat, 24 Nov 2007 14:00:41 +0800 From: Herbert Xu <herbert@...dor.apana.org.au> To: davids@...master.com Cc: linux-kernel@...r.kernel.org, netdev@...r.kernel.org Subject: Re: [RFC/PATCH] SO_NO_CHECK for IPv6 David Schwartz <davids@...master.com> wrote: > >> Regardless of whatever verifications your application is doing >> on the data, it is not checksumming the ports and that's what >> the pseudo-header is helping with. > > So what? We are in the case where the data has already gotten to him. If it > got to him in error, he'll reject it anyway. The receive checksum check will > only reject packets that he would reject anyway. That makes it needless. What if it goes to the wrong recipient who doesn't have the upper- level checksums? This is the whole point, IPv6 unlike IPv4 does not have IP header checksums so the high-level needs to protect it by checksumming the pseudo-header. Cheers, -- Visit Openswan at http://www.openswan.org/ Email: Herbert Xu ~{PmV>HI~} <herbert@...dor.apana.org.au> Home Page: http://gondor.apana.org.au/~herbert/ PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt - To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists