| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20130107130043.GS18940@secunet.com> Date: Mon, 7 Jan 2013 14:00:43 +0100 From: Steffen Klassert <steffen.klassert@...unet.com> To: roy.qing.li@...il.com Cc: netdev@...r.kernel.org Subject: Re: [RFC PATCH] ah4/esp4: set transport header correctly for IPsec tunnel mode. On Fri, Dec 28, 2012 at 04:07:16PM +0800, roy.qing.li@...il.com wrote: > From: Li RongQing <roy.qing.li@...il.com> > > IPsec tunnel does not set ECN field to CE in inner header when > the ECN field in the outer header is CE, and the ECN field in > the inner header is ECT(0) or ECT(1). > > The cause is ipip_hdr() does not return the correct address of > inner header since skb->transport-header is not the inner header > after esp_input_done2(), or ah_input(). > > Signed-off-by: Li RongQing <roy.qing.li@...il.com> > --- > I know this bug, but no lab to verify if my patch is correct, > hope netdev experts can inspect this patch carefully, if this > can be accepted, I will do same fix for ah6/esp6 This looks ok to me, please submit the ipv6 side too. Thanks! -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists