lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:   Tue, 18 Jun 2019 09:27:39 +0200
From:   Steffen Klassert <steffen.klassert@...unet.com>
To:     Herbert Xu <herbert@...dor.apana.org.au>
CC:     Nicolas Dichtel <nicolas.dichtel@...nd.com>, <davem@...emloft.net>,
        <netdev@...r.kernel.org>, Anirudh Gupta <anirudh.gupta@...hos.com>
Subject: Re: [PATCH ipsec] xfrm: fix sa selector validation

On Sat, Jun 15, 2019 at 12:11:48AM +0800, Herbert Xu wrote:
> On Fri, Jun 14, 2019 at 11:13:55AM +0200, Nicolas Dichtel wrote:
> > After commit b38ff4075a80, the following command does not work anymore:
> > $ ip xfrm state add src 10.125.0.2 dst 10.125.0.1 proto esp spi 34 reqid 1 \
> >   mode tunnel enc 'cbc(aes)' 0xb0abdba8b782ad9d364ec81e3a7d82a1 auth-trunc \
> >   'hmac(sha1)' 0xe26609ebd00acb6a4d51fca13e49ea78a72c73e6 96 flag align4
> > 
> > In fact, the selector is not mandatory, allow the user to provide an empty
> > selector.
> > 
> > Fixes: b38ff4075a80 ("xfrm: Fix xfrm sel prefix length validation")
> > CC: Anirudh Gupta <anirudh.gupta@...hos.com>
> > Signed-off-by: Nicolas Dichtel <nicolas.dichtel@...nd.com>
> 
> Acked-by: Herbert Xu <herbert@...dor.apana.org.au>

Patch applied, thanks everyone!

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ