[prev in list] [next in list] [prev in thread] [next in thread]
List: openswan-dev
Subject: [Openswan dev] manual AH connection
From: "Ronen Shitrit" <rshitrit () marvell ! com>
Date: 2005-12-12 12:46:53
Message-ID: B9FFC3F97441D04093A504CEA31B7C416B15BE () msilexch01 ! marvell ! com
[Download RAW message or body]
Hi
I'm using the OpenSwan KLIPS with kernel 2.6.12,
I tried to use the openswan and open a host to host connection in AH
mode, and it didn't work for me.
After some investigation I found that the Authentication in the receive
side is not done well (at least not when using kernel 2.6.12), attached
a patch fixing this issue.
Regards
Ronen Shitrit
Marvell Semiconductor Israel Ltd
["ipsec_ah.diff" (application/octet-stream)]
--- ipsec_ah.c 2005-12-12 14:31:29.754106928 +0200
+++ ipsec_ah.c 2005-12-12 14:31:16.000197840 +0200
@@ -162,7 +162,7 @@
/* finally, do the packet contents themselves */
(*aa->update)((void*)&tctx,
(caddr_t)skb->h.raw + ahhlen,
- skb->len - irs->iphlen - ahhlen);
+ skb->len /*- irs->iphlen*/ - ahhlen);
(*aa->final)(irs->hash, (void *)&tctx);
@@ -209,7 +209,7 @@
return IPSEC_RCV_DECAPFAIL;
}
skb_pull(skb, ahhlen);
-
+ skb->nh.raw = skb->nh.raw + ahhlen;
irs->ipp = skb->nh.iph;
ipsec_rcv_dmp("ah postpull", (void *)skb->nh.iph, skb->len);
_______________________________________________
Dev mailing list
Dev@openswan.org
http://lists.openswan.org/mailman/listinfo/dev
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic