Date: Thu, 9 Mar 2006 15:35:59 +0100 (CET)
From: VANHULLEBUS Yvan <vanhu@netasq.com>
To: FreeBSD-gnats-submit@FreeBSD.org
Subject: kern/94273: IPIP decapsulation problem in FAST_IPSEC stack
Message-ID: <20060309143559.4A13154D0@yvan.netasq.int>
Resent-Message-ID: <200603091440.k29EeDdn028166@freefall.freebsd.org>
>Number:         94273
>Category:       kern
>Synopsis:       IPIP decapsulation problem in FAST_IPSEC stack
>Confidential:   no
>Severity:       non-critical
>Priority:       medium
>Responsible:    freebsd-bugs
>State:          open
>Quarter:
>Keywords:
>Date-Required:
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Thu Mar 09 14:40:13 GMT 2006
>Closed-Date:
>Last-Modified:
>Originator:     VANHULLEBUS Yvan
>Release:        FreeBSD 6.0-STABLE
>Organization:
NETASQ
>Environment:
System: FreeBSD yvan.netasq.int 6.0-STABLE FreeBSD 6.0-STABLE #6: Tue Dec 6 19:20:56 CET 2005 root@yvan.netasq.int:/usr/src/sys/compile/vanhu i386
>Description:
FAST_IPSEC doesn't correctly remove the IPIP header for tunneled packets.
It works (I guess by accident), because the IPIP header is removed when the packet is reinjected in ip_input.c, but that implies an extra call to ip_input.
There is some code to remove the IPIP header in ipsec_input.c, but it doesn't work correctly.
>How-To-Repeat:
Set up a tunnel mode IPsec conf, and look at what happens in ip_input....
>Fix:
--- netipsec/ipsec_input.c.orig Thu Mar 9 15:00:26 2006 +++ netipsec/ipsec_input.c Thu Mar 9 15:01:15 2006 @@ -323,8 +323,6 @@ ipsec4_common_input_cb(struct mbuf *m, s /* IP-in-IP encapsulation */ if (prot == IPPROTO_IPIP) { - struct ip ipn; - if (m->m_pkthdr.len - skip < sizeof(struct ip)) { IPSEC_ISTAT(sproto, espstat.esps_hdrops, ahstat.ahs_hdrops, @@ -332,9 +330,8 @@ ipsec4_common_input_cb(struct mbuf *m, s error = EINVAL; goto bad; } - /* ipn will now contain the inner IPv4 header */ - m_copydata(m, ip->ip_hl << 2, sizeof(struct ip), - (caddr_t) &ipn); + /* remove the outer IPv4 header */ + m_striphdr(m, 0, ip->ip_hl << 2); #ifdef notyet /* XXX PROXY address isn't recorded in SAH */
>Release-Note:
>Audit-Trail:
>Unformatted:
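Review bot: dropping the `struct ip ipn;` declaration in the first hunk (@@ -323,8 +323,6 @@) means any code later in ipsec4_common_input_cb that still names ipn will no longer compile; the `#ifdef notyet` PROXY-address block that opens in the second hunk's trailing context is the obvious consumer of the copied inner header. Grep the rest of the function for ipn and either drop those references or keep a local copy of the inner header for them, so the notyet block does not silently rot.

Review bot: in the second hunk (@@ -332,9 +330,8 @@), after `m_striphdr(m, 0, ip->ip_hl << 2);` the outer header is gone but the `ip` pointer and the `skip` offset passed into this function still describe the old layout, so any later use of either in ipsec4_common_input_cb would read the wrong bytes; reload `ip` with mtod(m, struct ip *) and adjust `skip` (or return straight away) immediately after the strip. The description also says the outer header is currently removed a second time when the packet is reinjected through ip_input; with the strip done here, confirm that path no longer strips again, otherwise the inner header is lost. A one-line comment saying why the m_copydata became an in-place strip would help the next reader.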
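As an added example, not code from this PR or from the FreeBSD tree, the following stand-alone C program models the patched IPIP branch on a flat buffer: the same length check before the strip, the in-place removal of the outer IPv4 header (memmove standing in for m_striphdr), and the failure mode the description points at, namely that the header must be stripped exactly once. The header layout, protocol numbers and the sample packet (an IP-in-IP datagram carrying a TCP segment with an 8-byte payload) are defined locally for the example; checksums are left zero and not verified.

```c
/*
 * Added example: IP-in-IP decapsulation on a flat buffer, modelled on the
 * patched branch of ipsec4_common_input_cb. Not FreeBSD code; header layout,
 * constants and the sample packet are constructed here so it builds alone.
 */
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#include <stdio.h>

#define IPV4_MIN_HLEN 20
#define PROTO_IPIP    4      /* IANA protocol number for IP-in-IP */
#define PROTO_TCP     6

/* Header length in bytes from the IHL nibble, or 0 if not a sane IPv4 header. */
static size_t ipv4_hlen(const uint8_t *p, size_t avail)
{
    if (avail < IPV4_MIN_HLEN || (p[0] >> 4) != 4)
        return 0;
    size_t hl = (size_t)(p[0] & 0x0f) * 4;
    return (hl < IPV4_MIN_HLEN || hl > avail) ? 0 : hl;
}

/*
 * Strip the outer header of an IPIP packet in place. The bytes ahead of the
 * inner packet are the outer IPv4 header only (assumption: ESP/AH headers
 * are already gone, as in the kernel path). Returns the inner packet length,
 * or 0 if nothing was stripped.
 */
size_t ipip_decap(uint8_t *pkt, size_t len, int prot)
{
    if (prot != PROTO_IPIP)                       /* not tunnel traffic: leave it */
        return 0;
    size_t skip = ipv4_hlen(pkt, len);
    if (skip == 0 || len - skip < IPV4_MIN_HLEN)  /* the hunk's length check */
        return 0;
    if (ipv4_hlen(pkt + skip, len - skip) == 0)   /* inner header must be IPv4 */
        return 0;
    memmove(pkt, pkt + skip, len - skip);         /* m_striphdr(m, 0, hl) analogue */
    return len - skip;
}

static void put_be32(uint8_t *p, uint32_t v)
{
    p[0] = v >> 24; p[1] = v >> 16; p[2] = v >> 8; p[3] = v;
}

static void put_ipv4_hdr(uint8_t *p, uint16_t total, uint8_t proto,
                         uint32_t src, uint32_t dst)
{
    memset(p, 0, IPV4_MIN_HLEN);
    p[0] = 0x45;                       /* version 4, IHL 5 words */
    p[2] = total >> 8; p[3] = total & 0xff;
    p[8] = 64;                         /* TTL */
    p[9] = proto;                      /* checksum stays zero: not verified here */
    put_be32(p + 12, src);
    put_be32(p + 16, dst);
}

/* Constructed sample: 192.0.2.1 -> 192.0.2.2 outer, 10.0.0.1 -> 10.0.0.2 TCP inner. */
size_t build_sample_ipip(uint8_t *buf, size_t cap)
{
    static const uint8_t payload[8] = { 'p', 'a', 'y', 'l', 'o', 'a', 'd', '!' };
    size_t inner = IPV4_MIN_HLEN + sizeof payload;
    size_t total = IPV4_MIN_HLEN + inner;
    if (cap < total)
        return 0;
    put_ipv4_hdr(buf, (uint16_t)total, PROTO_IPIP, 0xC0000201u, 0xC0000202u);
    put_ipv4_hdr(buf + IPV4_MIN_HLEN, (uint16_t)inner, PROTO_TCP, 0x0A000001u, 0x0A000002u);
    memcpy(buf + 2 * IPV4_MIN_HLEN, payload, sizeof payload);
    return total;
}

/* One decapsulation of the sample: returns the inner length (20 + 8 bytes). */
size_t check_single_decap(void)
{
    uint8_t b[64];
    size_t n = build_sample_ipip(b, sizeof b);
    return ipip_decap(b, n, b[9]);            /* prot read from the outer header */
}

/* Protocol byte at offset 9 after one decapsulation: the inner TCP header is now first. */
int check_inner_proto(void)
{
    uint8_t b[64];
    size_t n = build_sample_ipip(b, sizeof b);
    n = ipip_decap(b, n, b[9]);
    return n ? b[9] : -1;
}

/* A second pass must strip nothing: the inner protocol is TCP, not IPIP. */
size_t check_double_decap_refused(void)
{
    uint8_t b[64];
    size_t n = build_sample_ipip(b, sizeof b);
    n = ipip_decap(b, n, b[9]);
    return ipip_decap(b, n, b[9]);
}

/* Outer header followed by fewer than 20 bytes fails the length check. */
size_t check_truncated_refused(void)
{
    uint8_t b[64];
    (void)build_sample_ipip(b, sizeof b);
    return ipip_decap(b, IPV4_MIN_HLEN + 10, PROTO_IPIP);
}

int main(void)
{
    printf("inner length after decap: %zu\n", check_single_decap());
    printf("inner protocol: %d\n", check_inner_proto());
    printf("bytes stripped by a second decap: %zu\n", check_double_decap_refused());
    printf("bytes stripped from truncated packet: %zu\n", check_truncated_refused());
    return 0;
}
```

The protocol argument is taken from the header that is currently at offset 0, which is what makes the second call a no-op: once the outer header is gone the first byte at offset 9 is the inner protocol, so a path that re-enters the decapsulation code (the extra ip_input pass the description mentions) does not strip the inner header as well.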