lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date:   Sun,  2 Sep 2018 16:18:41 -0700
From:   Sowmini Varadhan <sowmini.varadhan@...cle.com>
To:     netdev@...r.kernel.org, steffen.klassert@...unet.com
Cc:     davem@...emloft.net, sowmini.varadhan@...cle.com
Subject: [PATCH ipsec-next 0/2] xfrm: bug fixes when processing multiple transforms

This series contains bug fixes that were encountered when I set
up a libreswan tunnel using the config below, which will set up 
an IPsec policy involving 2 tmpls.

    type=transport
    compress=yes
    esp=aes_gcm_c-128-null # offloaded to Niantic
    auto=start

The non-offload test case uses  esp=aes_gcm_c-256-null.

Each patch has a technical description of the contents of the fix.

Sowmini Varadhan (2):
  xfrm: reset transport header back to network header after all input
    transforms ahave been applied
  xfrm: reset crypto_done when iterating over multiple input xfrms

 net/ipv4/xfrm4_input.c          |    1 +
 net/ipv4/xfrm4_mode_transport.c |    4 +---
 net/ipv6/xfrm6_input.c          |    1 +
 net/ipv6/xfrm6_mode_transport.c |    4 +---
 net/xfrm/xfrm_input.c           |    1 +
 5 files changed, 5 insertions(+), 6 deletions(-)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ