Home » Mailing list archives » linux-kernel » 2008 » May » 21

[PATCH 2.6.26-rc3] xfrm: Installing NULL encryption IPSec SAs fails

!MAILaRCHIVE_VOTE_RePLACE
Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]
[view in full thread]
From: Martin Willi <martin@...>
To: <herbert@...>
Cc: <linux-kernel@...>
Subject: [PATCH 2.6.26-rc3] xfrm: Installing NULL encryption IPSec SAs fails
Date: Wednesday, May 21, 2008 - 12:55 pm

Installing NULL encryption IPSec SAs works using the .compat name
"cipher_null", but fails with the .name "ecp(cipher_null)" due the
missing check in key length verification. 

Signed-off-by: Martin Willi <martin@strongswan.org>

--- a/net/xfrm/xfrm_user.c 2008-05-21 11:34:56.000000000 -0500
+++ b/net/xfrm/xfrm_user.c 2008-05-21 11:20:08.000000000 -0500
@@ -57,6 +57,7 @@
 
        case XFRMA_ALG_CRYPT:
                if (!algp->alg_key_len &&
+                   strcmp(algp->alg_name, "ecb(cipher_null)") != 0 &&
                    strcmp(algp->alg_name, "cipher_null") != 0)
                        return -EINVAL;
                break;



--
Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]
Messages in current thread:
[PATCH 2.6.26-rc3] xfrm: Installing NULL encryption IPSec SA..., Martin Willi, (Wed May 21, 12:55 pm)
Re: [PATCH 2.6.26-rc3] xfrm: Installing NULL encryption IPSe..., David Miller, (Wed May 21, 4:37 pm)
Re: [PATCH 2.6.26-rc3] xfrm: Installing NULL encryption IPSe..., Herbert Xu, (Wed May 21, 7:59 pm)
Re: [PATCH 2.6.26-rc3] xfrm: Installing NULL encryption IPSe..., David Miller, (Wed May 21, 8:23 pm)
Re: [PATCH 2.6.26-rc3] xfrm: Installing NULL encryption IPSe..., Herbert Xu, (Wed May 21, 8:30 pm)
Re: [PATCH 2.6.26-rc3] xfrm: Installing NULL encryption IPSe..., David Miller, (Wed May 21, 8:36 pm)