Skip to content

Commit

Permalink
xfrm: Don't prohibit AH from using ESN feature
Browse files Browse the repository at this point in the history 
Clear checking when user try to use ESN through netlink keymgr for AH.
As only ESP and AH support ESN feature according to RFC.

Signed-off-by: Fan Du <fan.du@windriver.com>
Signed-off-by: Steffen Klassert <steffen.klassert@secunet.com>
  • Loading branch information
Fan Du authored and Steffen Klassert committed Feb 12, 2014
1 parent 8d6da6f commit 0171410
Showing 1 changed file with 2 additions and 1 deletion.
3 changes: 2 additions & 1 deletion net/xfrm/xfrm_user.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -142,7 +142,8 @@ static inline int verify_replay(struct xfrm_usersa_info *p,
if (!rt)
return 0;

if (p->id.proto != IPPROTO_ESP)
/* As only ESP and AH support ESN feature. */
if ((p->id.proto != IPPROTO_ESP) && (p->id.proto != IPPROTO_AH))
return -EINVAL;

if (p->replay_window != 0)
Expand Down

0 comments on commit 0171410

Please sign in to comment.