Subject: CVS commit: src/sys/netipsec
To: None <source-changes@NetBSD.org>
From: Jonathan Stone <jonathan@netbsd.org>
List: source-changes
Date: 05/01/2004 03:00:42
Module Name: src
Committed By: jonathan
Date: Sat May 1 03:00:42 UTC 2004
Modified Files:
src/sys/netipsec: xform_ah.c
Log Message:
Commit an old diff for AH which has been in my personal tree since
August 2003:
On NetBSD, when we get to ah_massage_headers(), ip->ip_len is in
network byte order and includes all bytes in the input packet.
Therefore we don't need to byte-swap it or to add `skip' back in,
before verifying the receive-side hash.
With this change, AH transport mode works against FreeBSD 4.9 fast-ipsec
(which also works against Win2k, &c., &c.).
To generate a diff of this commit:
cvs rdiff -r1.6 -r1.7 src/sys/netipsec/xform_ah.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.