netdev
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

[IPSEC PATCH] missing break in UDP decap code Re: (udp-en/decap broken i

from [bert hubert] [Permanent Link][Original]
To: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx>, netdev@xxxxxxxxxxx
Subject: [IPSEC PATCH] missing break in UDP decap code Re: (udp-en/decap broken in 2.6.8-rc2?) Re: ipsec, nat-t, iproute2?
From: bert hubert <ahu@xxxxxxx>
Date: Sat, 31 Jul 2004 15:08:53 +0200
Cc: davem@xxxxxxxxxx
In-reply-to: <20040731121828.GA29497@outpost.ds9a.nl>
Mail-followup-to: bert hubert <ahu@xxxxxxx>, Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx>, netdev@xxxxxxxxxxx, davem@xxxxxxxxxx
References: <20040731083456.GA24761@outpost.ds9a.nl> <E1Bqr9r-0004av-00@gondolin.me.apana.org.au> <20040731112048.GA27893@outpost.ds9a.nl> <20040731115230.GA18537@gondor.apana.org.au> <20040731121828.GA29497@outpost.ds9a.nl>
Sender: netdev-bounce@xxxxxxxxxxx
User-agent: Mutt/1.3.28i 
> I've tried it both ways, both don't work. I should have mentioned that.

Against 2.6.8-rc2, neatly solves the problem. The missing break causes the
packet to be tested against both encapsulation types, one will always fail.

--- linux-2.6.8-rc2/net/ipv4/udp.c~orig 2004-07-31 15:04:56.000000000 +0200
+++ linux-2.6.8-rc2/net/ipv4/udp.c      2004-07-31 15:05:19.000000000 +0200
@@ -975,7 +975,7 @@
                } else
                        /* Must be an IKE packet.. pass it through */
                        return 1;
-
+               break;
        case UDP_ENCAP_ESPINUDP_NON_IKE:
                /* Check if this is a keepalive packet.  If so, eat it. */
                if (len == 1 && udpdata[0] == 0xff) {
@@ -988,6 +988,7 @@
                } else
                        /* Must be an IKE packet.. pass it through */
                        return 1;
+               break;
        }
 
        /* At this point we are sure that this is an ESPinUDP packet,


-- 
http://www.PowerDNS.com      Open source, database driven DNS Software 
http://lartc.org           Linux Advanced Routing & Traffic Control HOWTO
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: ksoftirqd uses 99% CPU triggered by network traffic (maybe RLT-8139 related), Francois Romieu
Next by Date:  Re: [IPSEC PATCH] missing break in UDP decap code Re: (udp-en/decap broken in 2.6.8-rc2?) Re: ipsec, nat-t, iproute2?, Herbert Xu
Previous by Thread:  Re: (udp-en/decap broken in 2.6.8-rc2?) Re: ipsec, nat-t, iproute2?, bert hubert
Next by Thread:  Re: [IPSEC PATCH] missing break in UDP decap code Re: (udp-en/decap broken in 2.6.8-rc2?) Re: ipsec, nat-t, iproute2?, Herbert Xu
Indexes:  [Date] [Thread] [Top] [All Lists]