diff options
author | Joakim Koskela <jookos@gmail.com> | 2008-08-06 02:40:25 -0700 |
---|---|---|
committer | David S. Miller <davem@davemloft.net> | 2008-08-06 02:40:25 -0700 |
commit | abf5cdb89d09ca981db10e1a85fd8531440165f2 (patch) | |
tree | 95c340f429fcb0c11d0af01fa840d84bb81895f5 /net/ipv6/esp6.c | |
parent | eb49e63093498cd17382018495b8cfb5b4a679bd (diff) | |
download | linux-abf5cdb89d09ca981db10e1a85fd8531440165f2.tar.gz linux-abf5cdb89d09ca981db10e1a85fd8531440165f2.tar.bz2 linux-abf5cdb89d09ca981db10e1a85fd8531440165f2.zip |
ipsec: Interfamily IPSec BEET, ipv4-inner ipv6-outer
Here's a revised version, based on Herbert's comments, of a fix for
the ipv4-inner, ipv6-outer interfamily ipsec beet mode. It fixes the
network header adjustment during interfamily, as well as makes sure
that we reserve enough room for the new ipv6 header if we might have
something else as the inner family. Also, the ipv4 pseudo header
construction was added.
Signed-off-by: Joakim Koskela <jookos@gmail.com>
Acked-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'net/ipv6/esp6.c')
-rw-r--r-- | net/ipv6/esp6.c | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/net/ipv6/esp6.c b/net/ipv6/esp6.c index c6bb4c6d24b3..b181b08fb761 100644 --- a/net/ipv6/esp6.c +++ b/net/ipv6/esp6.c @@ -521,6 +521,10 @@ static int esp6_init_state(struct xfrm_state *x) crypto_aead_ivsize(aead); switch (x->props.mode) { case XFRM_MODE_BEET: + if (x->sel.family != AF_INET6) + x->props.header_len += IPV4_BEET_PHMAXLEN + + (sizeof(struct ipv6hdr) - sizeof(struct iphdr)); + break; case XFRM_MODE_TRANSPORT: break; case XFRM_MODE_TUNNEL: |