Re: [PATCH 2.6.26-rc3] xfrm: Installing NULL encryption IPSec SAs fails

view
thread

!MAILaRCHIVE_VOTE_RePLACE

Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]

[view in full thread]

From: Herbert Xu <herbert@...>

To: David Miller <davem@...>

Cc: <martin@...>, <linux-kernel@...>

Subject: Re: [PATCH 2.6.26-rc3] xfrm: Installing NULL encryption IPSec SAs fails

Date: Wednesday, May 21, 2008 - 7:59 pm

On Wed, May 21, 2008 at 01:37:56PM -0700, David Miller wrote:
quoted text> From: Martin Willi <martin@strongswan.org>
> Date: Wed, 21 May 2008 11:55:06 -0500
> 
> > Installing NULL encryption IPSec SAs works using the .compat name
> > "cipher_null", but fails with the .name "ecp(cipher_null)" due the
> > missing check in key length verification. 
> > 
> > Signed-off-by: Martin Willi <martin@strongswan.org>
> 
> Herbert does this look Ok to you?

I think we should get rid of the zero check altogether as a
zero-length key will fail on setkey of a real algorithm anyway
because of the min_keysize/max_keysize checks in the crypto API.

Cheers,
-- 
Visit Openswan at http://www.openswan.org/
Email: Herbert Xu ~{PmV>HI~} <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
--
unsubscribe noticeTo unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]

Messages in current thread:

[PATCH 2.6.26-rc3] xfrm: Installing NULL encryption IPSec SA..., Martin Willi, (Wed May 21, 12:55 pm)

Re: [PATCH 2.6.26-rc3] xfrm: Installing NULL encryption IPSe..., David Miller, (Wed May 21, 4:37 pm)

Re: [PATCH 2.6.26-rc3] xfrm: Installing NULL encryption IPSe..., Herbert Xu, (Wed May 21, 7:59 pm)

Re: [PATCH 2.6.26-rc3] xfrm: Installing NULL encryption IPSe..., David Miller, (Wed May 21, 8:23 pm)

Re: [PATCH 2.6.26-rc3] xfrm: Installing NULL encryption IPSe..., Herbert Xu, (Wed May 21, 8:30 pm)

Re: [PATCH 2.6.26-rc3] xfrm: Installing NULL encryption IPSe..., David Miller, (Wed May 21, 8:36 pm)

Navigation

Popular discussions


linux-kernel:
James Bottomley	Re: Integration of SCST in the mainstream Linux kernel
Greg Kroah-Hartman	[PATCH 007/196] Chinese: add translation of stable_kernel_rules.txt
david	Re: Dual-Licensing Linux Kernel with GPL V2 and GPL V3
Jan Engelhardt	intel iommu (Re: -mm merge plans for 2.6.23)
git:

openbsd-misc:

linux-netdev:
Alexey Dobriyan	Re: [GIT]: Networking
Jarek Poplawski	[PATCH] pkt_sched: Destroy gen estimators under rtnl_lock().
Gerrit Renker	[PATCH 27/37] dccp: Integration of dynamic feature activation - part 2 (server side)
David Miller	Re: [BUG] New Kernel Bugs

Colocation donated by:

Online users

Syndicate