Re: IPSEC

To:	Steve Hill <steve@xxxxxxxxxxxxxxxxxxx>
Subject:	Re: IPSEC
From:	Patrick McHardy <kaber@xxxxxxxxx>
Date:	Tue, 08 Mar 2005 18:44:39 +0100
Cc:	netdev@xxxxxxxxxxx, "David S. Miller" <davem@xxxxxxxxxxxxx>
In-reply-to:	<Pine.LNX.4.61.0503081706560.11525@xxxxxxxxxxxxxx>
References:	<Pine.LNX.4.61.0503081706560.11525@xxxxxxxxxxxxxx>
Sender:	netdev-bounce@xxxxxxxxxxx
User-agent:	Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.7.5) Gecko/20050106 Debian/1.7.5-1

Steve Hill wrote:

then the ESP SA is added and it has the same sequence number (1) as theAH SA so the AH SA gets deleted.
The xfrm_state_add() function does:
        x1 = __xfrm_find_acq_byseq(x->km.seq);
        ...
        xfrm_state_delete(x1);
And this is responsible for deleting the AH SA due to it's matchingsequence number.


This is a bug in the kernel, __xfrm_find_acq_byseq should only return
XFRM_STATE_ACQ states. This patch should fix it.

Signed-off-by: Patrick McHardy <kaber@xxxxxxxxx>

===== net/xfrm/xfrm_state.c 1.55 vs edited =====
--- 1.55/net/xfrm/xfrm_state.c  2005-03-07 06:23:53 +01:00
+++ edited/net/xfrm/xfrm_state.c        2005-03-08 18:42:13 +01:00
@@ -609,7 +609,7 @@
 
        for (i = 0; i < XFRM_DST_HSIZE; i++) {
                list_for_each_entry(x, xfrm_state_bydst+i, bydst) {
-                       if (x->km.seq == seq) {
+                       if (x->km.seq == seq && x->km.state == XFRM_STATE_ACQ) {
                                xfrm_state_hold(x);
                                return x;
                        }

<Prev in Thread]	Current Thread	[Next in Thread>
IPSEC, Steve Hill Re: IPSEC, Patrick McHardy <= Re: IPSEC, Steve Hill Re: IPSEC, David S. Miller

Previous by Date:	IPSEC, Steve Hill
Next by Date:	Re: [leo@xxxxxxxxx: [PATCH] ethernet-bridge: update skb->priority in case forwarded frame has VLAN-header], Ben Greear
Previous by Thread:	IPSEC, Steve Hill
Next by Thread:	Re: IPSEC, Steve Hill
Indexes:	[Date] [Thread] [Top] [All Lists]