xfrm: Don't prohibit AH from using ESN feature

Clear checking when user try to use ESN through netlink keymgr for AH. As only ESP and AH support ESN feature according to RFC. Signed-off-by: N Fan Du <fan.du@windriver.com> Signed-off-by: N Steffen Klassert <steffen.klassert@secunet.com>

xfrm: Don't prohibit AH from using ESN feature
Clear checking when user try to use ESN through netlink keymgr for AH. As only ESP and AH support ESN feature according to RFC. Signed-off-by: N Fan Du <fan.du@windriver.com> Signed-off-by: N Steffen Klassert <steffen.klassert@secunet.com>
01714109 · Fan Du · Steffen Klassert · 8d6da6f3 · 01714109
隐藏空白更改
内联并排

Showing with 2 addition and 1 deletion

net/xfrm/xfrm_user.c net/xfrm/xfrm_user.c +2 -1

未找到文件。
--- a/net/xfrm/xfrm_user.c
+++ b/net/xfrm/xfrm_user.c
@@ -142,7 +142,8 @@ static inline int verify_replay(struct xfrm_usersa_info *p,
 	if (!rt)
 		return 0;

-	if (p->id.proto != IPPROTO_ESP)
+	/* As only ESP and AH support ESN feature. */
+	if ((p->id.proto != IPPROTO_ESP) && (p->id.proto != IPPROTO_AH))
 		return -EINVAL;

 	if (p->replay_window != 0)