mirrors/linux-stable
1
0
Fork 0
mirror of https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git synced 2024-09-15 07:04:44 +00:00
Code Issues Releases Wiki Activity
linux-stable/net
History
Steffen Klassert 6fa5ddcc67 xfrm: Don't allow esn with disabled anti replay detection 
Unlike the standard case, disabled anti replay detection needs some
nontrivial extra treatment on ESN. RFC 4303 states:

Note: If a receiver chooses to not enable anti-replay for an SA, then
the receiver SHOULD NOT negotiate ESN in an SA management protocol.
Use of ESN creates a need for the receiver to manage the anti-replay
window (in order to determine the correct value for the high-order
bits of the ESN, which are employed in the ICV computation), which is
generally contrary to the notion of disabling anti-replay for an SA.

So return an error if an ESN state with disabled anti replay detection
is inserted for now and add the extra treatment later if we need it.

Signed-off-by: Steffen Klassert <steffen.klassert@secunet.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2011-05-10 15:03:34 -07:00
..
9p Fix common misspellings 2011-03-31 11:26:23 -03:00
802 net/802: add __rcu annotations 2010-10-25 13:09:44 -07:00
8021q vlan: fix GVRP at dismantle time 2011-05-10 15:03:32 -07:00
appletalk appletalk: Fix OOPS in atalk_release(). 2011-03-31 18:59:10 -07:00
atm Merge branch 'for-linus2' of git://git.profusion.mobi/users/lucas/linux-2.6 2011-04-07 11:14:49 -07:00
ax25 net: ax25: fix information leak to userland harder 2011-01-12 00:34:49 -08:00
batman-adv Fix common misspellings 2011-03-31 11:26:23 -03:00
bluetooth Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/linville/wireless-2.6 2011-04-22 13:21:38 -07:00
bridge Revert "bridge: Forward reserved group addresses if !STP" 2011-04-21 21:17:25 -07:00
caif caif: performance bugfix - allow radio stack to prioritize packets. 2011-04-11 13:15:58 -07:00
can can: add missing socket check in can/raw release 2011-04-20 12:37:59 -07:00
ceph Merge branch 'for-linus2' of git://git.profusion.mobi/users/lucas/linux-2.6 2011-04-07 11:14:49 -07:00
core net: dev_close() should check IFF_UP 2011-05-10 15:03:33 -07:00
dcb net: dcbnl: Update copyright dates 2011-03-14 17:02:42 -07:00
dccp dccp: handle invalid feature options length 2011-05-06 13:05:50 -07:00
decnet decnet: Convert to use flowidn where applicable. 2011-03-12 15:08:55 -08:00
dns_resolver DNS: Fix a NULL pointer deref when trying to read an error key [CVE-2011-1076] 2011-03-04 09:56:19 +11:00
dsa dsa/mv88e6131: fix unknown multicast/broadcast forwarding on mv88e6085 2011-04-28 13:35:44 -07:00
econet econet: 4 byte infoleak to the network 2011-03-18 15:12:15 -07:00
ethernet eth: fix new kernel-doc warning 2011-01-12 19:00:40 -08:00
ieee802154 ieee802154: Remove hacked CFLAGS in net/ieee802154/Makefile 2011-04-12 15:33:23 -07:00
ipv4 xfrm: Assign the inner mode output function to the dst entry 2011-05-10 15:03:34 -07:00
ipv6 xfrm: Assign the inner mode output function to the dst entry 2011-05-10 15:03:34 -07:00
ipx ipx: fix ipx_release() 2011-03-21 18:16:39 -07:00
irda irda: fix locking unbalance in irda_sendmsg 2011-04-12 15:29:54 -07:00
iucv Fix common misspellings 2011-03-31 11:26:23 -03:00
key pfkey: fix warning 2011-03-01 22:51:52 -08:00
l2tp l2tp: fix possible oops on l2tp_eth module unload 2011-03-21 18:10:25 -07:00
lapb Net: lapb: Makefile: Remove deprecated kbuild goal definitions 2010-11-22 08:16:14 -08:00
llc llc: Fix length check in llc_fixup_skb(). 2011-04-11 18:59:05 -07:00
mac80211 Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/linville/wireless-2.6 2011-04-22 13:21:38 -07:00
netfilter Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/kaber/nf-2.6 2011-04-19 11:28:35 -07:00
netlabel Fix common misspellings 2011-03-31 11:26:23 -03:00
netlink Merge branch 'master' of master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6 2011-03-03 21:27:42 -08:00
netrom
packet af_packet: struct socket declared/assigned but unused 2011-03-07 15:51:13 -08:00
phonet Phonet: fix aligned-mode pipe socket buffer header reserve 2011-03-15 14:55:49 -07:00
rds Fix common misspellings 2011-03-31 11:26:23 -03:00
rfkill kconfig: rename CONFIG_EMBEDDED to CONFIG_EXPERT 2011-01-20 17:02:05 -08:00
rose Fix common misspellings 2011-03-31 11:26:23 -03:00
rxrpc Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next-2.6 2011-03-16 16:29:25 -07:00
sched Fix common misspellings 2011-03-31 11:26:23 -03:00
sctp sctp: fix oops while removed transport still using as retran path 2011-04-12 19:33:51 -07:00
sunrpc Merge branch 'bugfixes' of git://git.linux-nfs.org/projects/trondmy/nfs-2.6 2011-04-08 11:47:35 -07:00
tipc Fix common misspellings 2011-03-31 11:26:23 -03:00
unix af_unix: Only allow recv on connected seqpacket sockets. 2011-05-01 23:16:28 -07:00
wanrouter Fix common misspellings 2011-03-31 11:26:23 -03:00
wimax
wireless Merge branch 'for-linus2' of git://git.profusion.mobi/users/lucas/linux-2.6 2011-04-07 11:14:49 -07:00
x25 Fix common misspellings 2011-03-31 11:26:23 -03:00
xfrm xfrm: Don't allow esn with disabled anti replay detection 2011-05-10 15:03:34 -07:00
compat.c net: Limit socket I/O iovec total length to INT_MAX. 2010-10-28 11:47:52 -07:00
Kconfig net: RPS: Enable hardware acceleration of RFS 2011-01-24 14:53:01 -08:00
Makefile net: Enter net/ipv6/ even if CONFIG_IPV6=n 2011-03-07 12:50:52 -08:00
nonet.c llseek: automatically add .llseek fop 2010-10-15 15:53:27 +02:00
socket.c Fix common misspellings 2011-03-31 11:26:23 -03:00
sysctl_net.c
TUNABLE