linux/net/ipv4
Herbert Xu d4875b049b [IPSEC] Fix block size/MTU bugs in ESP
This patch fixes the following bugs in ESP:

* Fix transport mode MTU overestimate.  This means that the inner MTU
  is smaller than it needs be.  Worse yet, given an input MTU which
  is a multiple of 4 it will always produce an estimate which is not
  a multiple of 4.

  For example, given a standard ESP/3DES/MD5 transform and an MTU of
  1500, the resulting MTU for transport mode is 1462 when it should
  be 1464.

  The reason for this is because IP header lengths are always a multiple
  of 4 for IPv4 and 8 for IPv6.

* Ensure that the block size is at least 4.  This is required by RFC2406
  and corresponds to what the esp_output function does.  At the moment
  this only affects crypto_null as its block size is 1.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: David S. Miller <davem@davemloft.net>
2005-10-10 21:11:34 -07:00
..
ipvs [PATCH] gfp flags annotations - part 1 2005-10-08 15:00:57 -07:00
netfilter [NETFILTER] ctnetlink: add one nesting level for TCP state 2005-10-10 20:55:49 -07:00
af_inet.c [IPV4] fib_trie: fix proc interface 2005-09-09 13:35:42 -07:00
ah4.c [CRYPTO]: crypto_free_tfm() callers no longer need to check for NULL 2005-09-01 17:44:29 -07:00
arp.c [IPV4]: Replace __in_dev_get with __in_dev_get_rcu/rtnl 2005-10-03 14:35:55 -07:00
datagram.c [NET]: Fix sparse warnings 2005-08-29 16:01:32 -07:00
devinet.c [IPV4]: Replace __in_dev_get with __in_dev_get_rcu/rtnl 2005-10-03 14:35:55 -07:00
esp4.c [IPSEC] Fix block size/MTU bugs in ESP 2005-10-10 21:11:34 -07:00
fib_frontend.c [IPV4]: Replace __in_dev_get with __in_dev_get_rcu/rtnl 2005-10-03 14:35:55 -07:00
fib_hash.c [NET]: use __read_mostly on kmem_cache_t , DEFINE_SNMP_STAT pointers 2005-08-29 16:11:18 -07:00
fib_lookup.h [IPV4]: Prepare FIB core for RCU. 2005-08-29 16:08:31 -07:00
fib_rules.c [NETLINK]: Correctly set NLM_F_MULTI without checking the pid 2005-06-18 22:54:12 -07:00
fib_semantics.c [IPV4]: Replace __in_dev_get with __in_dev_get_rcu/rtnl 2005-10-03 14:35:55 -07:00
fib_trie.c [IPV4]: fib_trie root-node expansion 2005-10-04 13:01:58 -07:00
icmp.c [IPV4]: Update icmp sysctl docs and disable broadcast ECHO/TIMESTAMP by default 2005-10-03 16:07:30 -07:00
igmp.c [IPV4]: Replace __in_dev_get with __in_dev_get_rcu/rtnl 2005-10-03 14:35:55 -07:00
inet_connection_sock.c [PATCH] gfp flags annotations - part 1 2005-10-08 15:00:57 -07:00
inet_diag.c [NETLINK]: Add "groups" argument to netlink_kernel_create 2005-08-29 16:01:11 -07:00
inet_hashtables.c [NET]: Introduce inet_connection_sock 2005-08-29 15:43:19 -07:00
inet_timewait_sock.c [INET]: speedup inet (tcp/dccp) lookups 2005-10-03 14:13:38 -07:00
inetpeer.c [PATCH] timer initialization cleanup: DEFINE_TIMER 2005-09-09 14:03:48 -07:00
ip_forward.c [IPV4]: Remove some dead code from ip_forward() 2005-08-29 16:03:06 -07:00
ip_fragment.c [IPV4]: Reassembly trim not clearing CHECKSUM_HW 2005-09-06 15:51:48 -07:00
ip_gre.c [IPV4]: Replace __in_dev_get with __in_dev_get_rcu/rtnl 2005-10-03 14:35:55 -07:00
ip_input.c [NET]: use __read_mostly on kmem_cache_t , DEFINE_SNMP_STAT pointers 2005-08-29 16:11:18 -07:00
ip_options.c [IP]: Introduce ip_options_get_from_user 2005-08-29 16:01:39 -07:00
ip_output.c [IPV4]: ip_finish_output() can be inlined 2005-08-29 16:03:10 -07:00
ip_sockglue.c [IP]: Introduce ip_options_get_from_user 2005-08-29 16:01:39 -07:00
ipcomp.c [CRYPTO]: crypto_free_tfm() callers no longer need to check for NULL 2005-09-01 17:44:29 -07:00
ipconfig.c [NET]: fix-up schedule_timeout() usage 2005-09-12 14:15:34 -07:00
ipip.c [NET]: fix oops after tunnel module unload 2005-07-30 17:46:44 -07:00
ipmr.c [IPV4]: Replace __in_dev_get with __in_dev_get_rcu/rtnl 2005-10-03 14:35:55 -07:00
Kconfig [INET_DIAG]: Move the tcp_diag interface to the proper place 2005-08-29 15:57:54 -07:00
Makefile [INET_DIAG]: Move the tcp_diag interface to the proper place 2005-08-29 15:57:54 -07:00
multipath_drr.c [IPV4]: possible cleanups 2005-08-29 15:33:20 -07:00
multipath_random.c [IPV4]: Multipath modules need a license to prevent kernel tainting. 2005-06-13 14:29:06 -07:00
multipath_rr.c [IPV4]: Multipath modules need a license to prevent kernel tainting. 2005-06-13 14:29:06 -07:00
multipath_wrandom.c [IPV4]: Multipath modules need a license to prevent kernel tainting. 2005-06-13 14:29:06 -07:00
multipath.c Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
netfilter.c [NETFILTER]: Move reroute-after-queue code up to the nf_queue layer. 2005-08-29 15:36:19 -07:00
proc.c [NET]: Fix sparse warnings 2005-08-29 16:01:32 -07:00
protocol.c [TCP]: Move the tcp sock states to net/tcp_states.h 2005-08-29 15:41:54 -07:00
raw.c [PATCH] raw_sendmsg DoS on 2.6 2005-09-19 18:45:42 -07:00
route.c [IPV4]: Replace __in_dev_get with __in_dev_get_rcu/rtnl 2005-10-03 14:35:55 -07:00
syncookies.c [NET]: Fix sparse warnings 2005-08-29 16:01:32 -07:00
sysctl_net_ipv4.c [NET]: Fix sparse warnings 2005-08-29 16:01:32 -07:00
tcp_bic.c [TCP]: BIC coding bug in Linux 2.6.13 2005-10-05 12:09:31 -07:00
tcp_cong.c [ICSK]: Move TCP congestion avoidance members to icsk 2005-08-29 15:56:18 -07:00
tcp_diag.c [INET_DIAG]: Move the tcp_diag interface to the proper place 2005-08-29 15:57:54 -07:00
tcp_highspeed.c [ICSK]: Move TCP congestion avoidance members to icsk 2005-08-29 15:56:18 -07:00
tcp_htcp.c [ICSK]: Move TCP congestion avoidance members to icsk 2005-08-29 15:56:18 -07:00
tcp_hybla.c [ICSK]: Move TCP congestion avoidance members to icsk 2005-08-29 15:56:18 -07:00
tcp_input.c [TCP]: Don't over-clamp window in tcp_clamp_window() 2005-09-29 17:17:15 -07:00
tcp_ipv4.c [INET]: speedup inet (tcp/dccp) lookups 2005-10-03 14:13:38 -07:00
tcp_minisocks.c [TCP]: Set default congestion control correctly for incoming connections. 2005-09-21 00:19:46 -07:00
tcp_output.c [PATCH] gfp flags annotations - part 1 2005-10-08 15:00:57 -07:00
tcp_scalable.c [ICSK]: Move TCP congestion avoidance members to icsk 2005-08-29 15:56:18 -07:00
tcp_timer.c [ICSK]: Move TCP congestion avoidance members to icsk 2005-08-29 15:56:18 -07:00
tcp_vegas.c [INET_DIAG]: Rename tcp_diag.[ch] to inet_diag.[ch] 2005-08-29 15:57:48 -07:00
tcp_westwood.c [INET_DIAG]: Rename tcp_diag.[ch] to inet_diag.[ch] 2005-08-29 15:57:48 -07:00
tcp.c [TCP]: Fix TCP_OFF() bug check introduced by previous change. 2005-09-05 18:55:48 -07:00
udp.c [IPV4] udp: trim forgets about CHECKSUM_HW 2005-09-08 12:32:21 -07:00
xfrm4_input.c Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
xfrm4_output.c [IPSEC]: Add XFRM_STATE_NOPMTUDISC flag 2005-06-20 13:21:43 -07:00
xfrm4_policy.c [IPSEC]: Store idev entries 2005-05-03 16:27:10 -07:00
xfrm4_state.c [IPV4]: possible cleanups 2005-08-29 15:33:20 -07:00
xfrm4_tunnel.c [NET]: Make ipip/ip6_tunnel independant of XFRM 2005-07-19 14:03:34 -07:00