-
由 Horia Geanta 提交于
This reverts commit 891104ed. Current IPsec ESN implementation for authencesn(cbc(aes), hmac(sha)) (separate encryption and integrity algorithms) does not conform to RFC4303. ICV is generated by hashing the sequence SPI, SeqNum-High, SeqNum-Low, IV, Payload instead of SPI, SeqNum-Low, IV, Payload, SeqNum-High. Cc: <stable@vger.kernel.org> # 3.8, 3.7 Reported-by: NChaoxing Lin <Chaoxing.Lin@ultra-3eti.com> Signed-off-by: NHoria Geanta <horia.geanta@freescale.com> Reviewed-by: NKim Phillips <kim.phillips@freescale.com> Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>
246bbedb