]> bbs.cooldavid.org Git - net-next-2.6.git/blobdiff - net/ipv4/esp4.c
git://bbs.cooldavid.org / net-next-2.6.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
[IPv4] ESP: Discard dummy packets introduced in rfc4303
[net-next-2.6.git] / net / ipv4 / esp4.c
diff --git a/net/ipv4/esp4.c b/net/ipv4/esp4.c
index c31bccb9b526c99d539c1c13a94531f23c982318..1738113268bc12f1e1a23e4a1ca14bb82a637ffa 100644 (file)
--- a/net/ipv4/esp4.c
+++ b/net/ipv4/esp4.c
@@ -9,6 +9,7 @@
 #include <linux/pfkeyv2.h>
 #include <linux/random.h>
 #include <linux/spinlock.h>
+#include <linux/in6.h>
 #include <net/icmp.h>
 #include <net/protocol.h>
 #include <net/udp.h>
@@ -224,6 +225,10 @@ static int esp_input(struct xfrm_state *x, struct sk_buff *skb)
 
        /* ... check padding bits here. Silly. :-) */
 
+       /* RFC4303: Drop dummy packets without any error */
+       if (nexthdr[1] == IPPROTO_NONE)
+               goto out;
+
        iph = ip_hdr(skb);
        ihl = iph->ihl * 4;
 
Clone of davem's net-next-2.6 tree