xfrm: Don't prohibit AH from using ESN feature

Clear checking when user try to use ESN through netlink keymgr for AH. As only ESP and AH support ESN feature according to RFC. Signed-off-by: Fan Du <fan.du@windriver.com> Signed-off-by: Steffen Klassert <steffen.klassert@secunet.com>

xfrm: Don't prohibit AH from using ESN feature
Clear checking when user try to use ESN through netlink keymgr for AH. As only ESP and AH support ESN feature according to RFC. Signed-off-by: Fan Du <fan.du@windriver.com> Signed-off-by: Steffen Klassert <steffen.klassert@secunet.com>
01714109 · Fan Du · Steffen Klassert · 8d6da6f3 · 01714109
Commit 01714109 authored Jan 18, 2014 by Fan Du Committed by Steffen Klassert Feb 12, 2014
Hide whitespace changes
Inline Side-by-side

Showing with 2 additions and 1 deletion

net/xfrm/xfrm_user.c net/xfrm/xfrm_user.c +2 -1

No files found.
--- a/net/xfrm/xfrm_user.c
+++ b/net/xfrm/xfrm_user.c
@@ -142,7 +142,8 @@ static inline int verify_replay(struct xfrm_usersa_info *p,
 	if (!rt)
 		return 0;

-	if (p->id.proto != IPPROTO_ESP)
+	/* As only ESP and AH support ESN feature. */
+	if ((p->id.proto != IPPROTO_ESP) && (p->id.proto != IPPROTO_AH))
 		return -EINVAL;

 	if (p->replay_window != 0)