PATCH: IPSecv6 in tunnel won't work with ext hdrs: msg#00889

Subject:	PATCH: IPSecv6 in tunnel won't work with ext hdrs

I noticed that using extensions headers along with IPsecv6 tunnel mode did
not work in 2.5.73 + patch-2.5.73-bk3. The following patch
checks "nexthdr" instead of "iph->nexthdr" which could be an
extension header. I tested this with tunnel mode and transport mode
with and without extension headers and it worked ok.

Let me know if it is ok.

Joy Latten

-----------------------------------------------------------------------


--- xfrm6_input.c.orig  2003-06-30 11:04:31.000000000 -0500
+++ xfrm6_input.c       2003-06-30 11:09:27.000000000 -0500
@@ -67,10 +67,8 @@
 
                xfrm_vec[xfrm_nr++].xvec = x;
 
-               iph = skb->nh.ipv6h;
-
                if (x->props.mode) { /* XXX */
-                       if (iph->nexthdr != IPPROTO_IPV6)
+                       if (nexthdr != IPPROTO_IPV6)
                                goto drop;
                        skb->nh.raw = skb->data;
                        iph = skb->nh.ipv6h;

Previous by Date:	Re: [PATCH] Prefix List against 2.5.70 (re-done), Krishna Kumar
Next by Date:	kernel bug fix: entered/exited promiscuous mode flip/flop error, Jim Nisbet
Previous by Thread:	[PATCH] IPV6: convert /proc/net/anycast6 to seq_file, YOSHIFUJI Hideaki / 吉藤英明
Next by Thread:	kernel bug fix: entered/exited promiscuous mode flip/flop error, Jim Nisbet
Indexes:	[Date] [Thread] [Top] [All Lists]

<Prev in Thread]	Current Thread	[Next in Thread>