Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 01714109 authored by Fan Du's avatar Fan Du Committed by Steffen Klassert
Browse files

xfrm: Don't prohibit AH from using ESN feature 



Clear checking when user try to use ESN through netlink keymgr for AH.
As only ESP and AH support ESN feature according to RFC.

Signed-off-by: default avatarFan Du <fan.du@windriver.com>
Signed-off-by: default avatarSteffen Klassert <steffen.klassert@secunet.com>
parent 8d6da6f3

net/xfrm/xfrm_user.c

+2 −1
Original line number Diff line number Diff line
@@ -142,7 +142,8 @@ static inline int verify_replay(struct xfrm_usersa_info *p, 
	if (!rt)

		return 0;



	if (p->id.proto != IPPROTO_ESP)

	/* As only ESP and AH support ESN feature. */

	if ((p->id.proto != IPPROTO_ESP) && (p->id.proto != IPPROTO_AH))

		return -EINVAL;



	if (p->replay_window != 0)