Commit 3de77cf23e9a19b9fc28e3b29371308325428c39
1 parent
49ad9599d4
Exists in
master
and in
39 other branches
Revert "xfrm: Accept ESP packets regardless of UDP encapsulation mode"
This reverts commit e061b165c7f4ec5e2e160d990b49011b5b6e5c6a. Signed-off-by: David S. Miller <davem@davemloft.net>
Showing 1 changed file with 5 additions and 0 deletions Side-by-side Diff
net/xfrm/xfrm_input.c
... | ... | @@ -167,6 +167,11 @@ |
167 | 167 | goto drop_unlock; |
168 | 168 | } |
169 | 169 | |
170 | + if ((x->encap ? x->encap->encap_type : 0) != encap_type) { | |
171 | + XFRM_INC_STATS(net, LINUX_MIB_XFRMINSTATEMISMATCH); | |
172 | + goto drop_unlock; | |
173 | + } | |
174 | + | |
170 | 175 | if (x->props.replay_window && xfrm_replay_check(x, skb, seq)) { |
171 | 176 | XFRM_INC_STATS(net, LINUX_MIB_XFRMINSTATESEQERROR); |
172 | 177 | goto drop_unlock; |