Commit 3de77cf23e9a19b9fc28e3b29371308325428c39

Authored by David S. Miller
1 parent 49ad9599d4

Revert "xfrm: Accept ESP packets regardless of UDP encapsulation mode"

This reverts commit e061b165c7f4ec5e2e160d990b49011b5b6e5c6a.

Signed-off-by: David S. Miller <davem@davemloft.net>

Showing 1 changed file with 5 additions and 0 deletions Side-by-side Diff

net/xfrm/xfrm_input.c
... ... @@ -167,6 +167,11 @@
167 167 goto drop_unlock;
168 168 }
169 169  
  170 + if ((x->encap ? x->encap->encap_type : 0) != encap_type) {
  171 + XFRM_INC_STATS(net, LINUX_MIB_XFRMINSTATEMISMATCH);
  172 + goto drop_unlock;
  173 + }
  174 +
170 175 if (x->props.replay_window && xfrm_replay_check(x, skb, seq)) {
171 176 XFRM_INC_STATS(net, LINUX_MIB_XFRMINSTATESEQERROR);
172 177 goto drop_unlock;