Received: with ECARTIS (v1.0.0; list netdev); Wed, 26 Jan 2005 02:10:37 -0800 (PST) Received: from miyazawa.org (usen-221x116x13x66.ap-US01.usen.ad.jp [221.116.13.66]) by oss.sgi.com (8.13.0/8.13.0) with ESMTP id j0QAAWWc002880 for ; Wed, 26 Jan 2005 02:10:32 -0800 Received: from [2001:200:182:2000:205:4eff:fe42:f9b3] ([2001:200:182:2000:205:4eff:fe42:f9b3]) (AUTH: LOGIN kazunori, SSL: TLSv1/SSLv3,128bits,RC4-MD5) by miyazawa.org with esmtp; Wed, 26 Jan 2005 19:10:20 +0900 id 00007DAB.41F76C8C.00003083 From: MIYAZAWA Kazunori To: "David S. Miller" Subject: [PATCH][IPsec] fix process of error from crypto module Date: Wed, 26 Jan 2005 19:10:20 +0900 User-Agent: KMail/1.7.1 Cc: netdev@oss.sgi.com, usagi-core@linux-ipv6.org MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Content-Disposition: inline Message-Id: <200501261910.20867.kazunori@miyazawa.org> X-Virus-Scanned: ClamAV 0.80/650/Sun Jan 2 19:00:02 2005 clamav-milter version 0.80j on 127.0.0.1 X-Virus-Status: Clean X-archive-position: 808 X-ecartis-version: Ecartis v1.0.0 Sender: netdev-bounce@oss.sgi.com Errors-to: netdev-bounce@oss.sgi.com X-original-sender: kazunori@miyazawa.org Precedence: bulk X-list: netdev Content-Length: 1267 Lines: 36 Hello, This patch fixes the process under the case that the crypto module returns error because of its weak keys or etc. diff -ur a/net/ipv4/esp4.c b/net/ipv4/esp4.c --- a/net/ipv4/esp4.c 2004-12-25 06:34:58.000000000 +0900 +++ b/net/ipv4/esp4.c 2005-01-26 18:57:18.000000000 +0900 @@ -427,7 +427,8 @@ goto error; get_random_bytes(esp->conf.ivec, esp->conf.ivlen); } - crypto_cipher_setkey(esp->conf.tfm, esp->conf.key, esp->conf.key_len); + if (crypto_cipher_setkey(esp->conf.tfm, esp->conf.key, esp->conf.key_len)) + goto error; x->props.header_len = sizeof(struct ip_esp_hdr) + esp->conf.ivlen; if (x->props.mode) x->props.header_len += sizeof(struct iphdr); diff -ur a/net/ipv6/esp6.c b/net/ipv6/esp6.c --- a/net/ipv6/esp6.c 2004-12-25 06:35:01.000000000 +0900 +++ b/net/ipv6/esp6.c 2005-01-26 18:57:04.000000000 +0900 @@ -364,7 +364,8 @@ goto error; get_random_bytes(esp->conf.ivec, esp->conf.ivlen); } - crypto_cipher_setkey(esp->conf.tfm, esp->conf.key, esp->conf.key_len); + if (crypto_cipher_setkey(esp->conf.tfm, esp->conf.key, esp->conf.key_len)) + goto error; x->props.header_len = sizeof(struct ipv6_esp_hdr) + esp->conf.ivlen; if (x->props.mode) x->props.header_len += sizeof(struct ipv6hdr); -- Kazunori Miyazawa