Revert "xfrm: Accept ESP packets regardless of UDP encapsulation mode"

This reverts commit e061b165. Signed-off-by: David S. Miller <davem@davemloft.net>

Revert "xfrm: Accept ESP packets regardless of UDP encapsulation mode"
This reverts commit e061b165. Signed-off-by: David S. Miller <davem@davemloft.net>
3de77cf2 · David S. Miller · 49ad9599 · 3de77cf2
Commit 3de77cf2 authored Dec 18, 2008 by David S. Miller
Show whitespace changes
Inline Side-by-side

Showing with 5 additions and 0 deletions

net/xfrm/xfrm_input.c net/xfrm/xfrm_input.c +5 -0

No files found.
--- a/net/xfrm/xfrm_input.c
+++ b/net/xfrm/xfrm_input.c
@@ -167,6 +167,11 @@ int xfrm_input(struct sk_buff *skb, int nexthdr, __be32 spi, int encap_type)
 			goto drop_unlock;
 		}

+		if ((x->encap ? x->encap->encap_type : 0) != encap_type) {
+			XFRM_INC_STATS(net, LINUX_MIB_XFRMINSTATEMISMATCH);
+			goto drop_unlock;
+		}
+
 		if (x->props.replay_window && xfrm_replay_check(x, skb, seq)) {
 			XFRM_INC_STATS(net, LINUX_MIB_XFRMINSTATESEQERROR);
 			goto drop_unlock;