| To: | davem@xxxxxxxxxx, kuznet@xxxxxxxxxxxxx, netdev@xxxxxxxxxxx |
|---|---|
| Subject: | PATCH: IPSecv6 in tunnel won't work with ext hdrs |
| From: | latten@xxxxxxxxxxxxxx |
| Date: | Mon, 30 Jun 2003 14:06:58 -0500 |
| Sender: | netdev-bounce@xxxxxxxxxxx |
I noticed that using extensions headers along with IPsecv6 tunnel mode did
not work in 2.5.73 + patch-2.5.73-bk3. The following patch
checks "nexthdr" instead of "iph->nexthdr" which could be an
extension header. I tested this with tunnel mode and transport mode
with and without extension headers and it worked ok.
Let me know if it is ok.
Joy Latten
-----------------------------------------------------------------------
--- xfrm6_input.c.orig 2003-06-30 11:04:31.000000000 -0500
+++ xfrm6_input.c 2003-06-30 11:09:27.000000000 -0500
@@ -67,10 +67,8 @@
xfrm_vec[xfrm_nr++].xvec = x;
- iph = skb->nh.ipv6h;
-
if (x->props.mode) { /* XXX */
- if (iph->nexthdr != IPPROTO_IPV6)
+ if (nexthdr != IPPROTO_IPV6)
goto drop;
skb->nh.raw = skb->data;
iph = skb->nh.ipv6h;
|
| <Prev in Thread] | Current Thread | [Next in Thread> |
|---|---|---|
| ||
| Previous by Date: | Re: [PATCH] Prefix List against 2.5.70 (re-done), Krishna Kumar |
|---|---|
| Next by Date: | kernel bug fix: entered/exited promiscuous mode flip/flop error, Jim Nisbet |
| Previous by Thread: | [PATCH] IPV6: convert /proc/net/anycast6 to seq_file, YOSHIFUJI Hideaki / 吉藤英明 |
| Next by Thread: | Re: PATCH: IPSecv6 in tunnel won't work with ext hdrs, James Morris |
| Indexes: | [Date] [Thread] [Top] [All Lists] |