| To: | Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx> |
|---|---|
| Subject: | Re: [AH6] Disallow mutable bits after AH header |
| From: | "David S. Miller" <davem@xxxxxxxxxx> |
| Date: | Fri, 23 Jul 2004 13:37:37 -0700 |
| Cc: | kazunori@xxxxxxxxxxxx, netdev@xxxxxxxxxxx |
| In-reply-to: | <20040723135320.GA26000@gondor.apana.org.au> |
| References: | <20040723135320.GA26000@gondor.apana.org.au> |
| Sender: | netdev-bounce@xxxxxxxxxxx |
On Fri, 23 Jul 2004 23:53:21 +1000 Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx> wrote: > As we discussed before, mutable headers should not be allowed after > the AH header. In fact, this appears to be the intention of RFC 2402. > It is further clarified in section 3.1.1 of > > http://www.ietf.org/internet-drafts/draft-ietf-ipsec-rfc2402bis-07.txt > > This allows us to simplify the code in ah6.c. As a result, this also > fixes the following issues: > > * Dependence on skb->h in ah6_output(). > * Bogus clearing of auth_data of 2nd AH header in > ipv6_clear_mutable_options(). Applied, thanks Herbert. |
| <Prev in Thread] | Current Thread | [Next in Thread> |
|---|---|---|
| ||
| Previous by Date: | Re: [IPSEC] Missing unlock in policy timer, David S. Miller |
|---|---|
| Next by Date: | Re: [PATCH 2.6]: Make packet scheduler clock source configurable, David S. Miller |
| Previous by Thread: | [AH6] Disallow mutable bits after AH header, Herbert Xu |
| Next by Thread: | Re: [AH6] Disallow mutable bits after AH header, Herbert Xu |
| Indexes: | [Date] [Thread] [Top] [All Lists] |