[AH6] Disallow mutable bits after AH header

To: Kazunori Miyazawa <kazunori@xxxxxxxxxxxx>, "David S. Miller" <davem@xxxxxxxxxx>, netdev@xxxxxxxxxxx
Subject: [AH6] Disallow mutable bits after AH header
From: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx>
Date: Fri, 23 Jul 2004 23:53:21 +1000
Sender: netdev-bounce@xxxxxxxxxxx
User-agent: Mutt/1.5.6+20040523i

Hi:

As we discussed before, mutable headers should not be allowed after
the AH header.  In fact, this appears to be the intention of RFC 2402.
It is further clarified in section 3.1.1 of

http://www.ietf.org/internet-drafts/draft-ietf-ipsec-rfc2402bis-07.txt

This allows us to simplify the code in ah6.c.  As a result, this also
fixes the following issues:

* Dependence on skb->h in ah6_output().
* Bogus clearing of auth_data of 2nd AH header in ipv6_clear_mutable_options().

Signed-off-by: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx>

Cheers,
-- 
Visit Openswan at http://www.openswan.org/
Email: Herbert Xu ~{PmV>HI~} <herbert@xxxxxxxxxxxxxxxxxxx>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

Attachment: p
Description: Text document