From owner-freebsd-bugs@FreeBSD.ORG Thu Mar 9 14:40:14 2006
Return-Path:
X-Original-To: freebsd-bugs@hub.freebsd.org
Delivered-To: freebsd-bugs@hub.freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id BE67D16A420 for ; Thu, 9 Mar 2006 14:40:14 +0000 (GMT) (envelope-from gnats@FreeBSD.org)
Received: from freefall.freebsd.org (freefall.freebsd.org [216.136.204.21]) by mx1.FreeBSD.org (Postfix) with ESMTP id D8A0543D4C for ; Thu, 9 Mar 2006 14:40:13 +0000 (GMT) (envelope-from gnats@FreeBSD.org)
Received: from freefall.freebsd.org (gnats@localhost [127.0.0.1]) by freefall.freebsd.org (8.13.4/8.13.4) with ESMTP id k29EeD4R028167 for ; Thu, 9 Mar 2006 14:40:13 GMT (envelope-from gnats@freefall.freebsd.org)
Received: (from gnats@localhost) by freefall.freebsd.org (8.13.4/8.13.4/Submit) id k29EeDdn028166; Thu, 9 Mar 2006 14:40:13 GMT (envelope-from gnats)
Resent-Date: Thu, 9 Mar 2006 14:40:13 GMT
Resent-Message-Id: <200603091440.k29EeDdn028166@freefall.freebsd.org>
Resent-From: FreeBSD-gnats-submit@FreeBSD.org (GNATS Filer)
Resent-To: freebsd-bugs@FreeBSD.org
Resent-Reply-To: FreeBSD-gnats-submit@FreeBSD.org, VANHULLEBUS Yvan
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 49E2B16A420 for ; Thu, 9 Mar 2006 14:36:02 +0000 (GMT) (envelope-from yvan.vanhullebus@netasq.com)
Received: from smtp.netasq.com (netasq.netasq.com [213.30.137.178]) by mx1.FreeBSD.org (Postfix) with ESMTP id DB22C43D46 for ; Thu, 9 Mar 2006 14:36:01 +0000 (GMT) (envelope-from yvan.vanhullebus@netasq.com)
Received: from [10.2.0.3] (f1000c001440400601.netasq.com [10.0.0.126]) by smtp.netasq.com (Postfix) with ESMTP id 2B4402F827 for ; Thu, 9 Mar 2006 15:34:03 +0100 (CET)
Received: by yvan.netasq.int (Postfix, from userid 1000) id 4A13154D0; Thu, 9 Mar 2006 15:35:59 +0100 (CET)
Message-Id: <20060309143559.4A13154D0@yvan.netasq.int>
Date: Thu, 9 Mar 2006 15:35:59 +0100 (CET)
From: VANHULLEBUS Yvan
To: FreeBSD-gnats-submit@FreeBSD.org
X-Send-Pr-Version: 3.113
Cc:
Subject: kern/94273: IPIP decapsulation problem in FAST_IPSEC stack
X-BeenThere: freebsd-bugs@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
Reply-To: VANHULLEBUS Yvan
List-Id: Bug reports
List-Unsubscribe: ,
List-Archive:
List-Post:
List-Help:
List-Subscribe: ,
X-List-Received-Date: Thu, 09 Mar 2006 14:40:14 -0000

>Number:         94273
>Category:       kern
>Synopsis:       IPIP decapsulation problem in FAST_IPSEC stack
>Confidential:   no
>Severity:       non-critical
>Priority:       medium
>Responsible:    freebsd-bugs
>State:          open
>Quarter:
>Keywords:
>Date-Required:
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Thu Mar 09 14:40:13 GMT 2006
>Closed-Date:
>Last-Modified:
>Originator:     VANHULLEBUS Yvan
>Release:        FreeBSD 6.0-STABLE
>Organization:
NETASQ
>Environment:
System: FreeBSD yvan.netasq.int 6.0-STABLE FreeBSD 6.0-STABLE #6: Tue Dec 6 19:20:56 CET 2005 root@yvan.netasq.int:/usr/src/sys/compile/vanhu i386
>Description:
FAST_IPSEC doesn't correctly remove the IPIP header for tunneled packets.

It works (guess by accident), because the IPIP header is removed when the packet is reinjected in ip_input.c, but that implies an extra call to ip_input.

There is some code to remove the IPIP header in ipsec_input.c, but it doesn't work correctly.
>How-To-Repeat:
Set up a tunnel mode IPSec conf, and look at what happens in ip_input....
>Fix:
--- netipsec/ipsec_input.c.orig Thu Mar 9 15:00:26 2006
+++ netipsec/ipsec_input.c Thu Mar 9 15:01:15 2006
@@ -323,8 +323,6 @@ ipsec4_common_input_cb(struct mbuf *m, s /* IP-in-IP encapsulation */ if (prot == IPPROTO_IPIP) { - struct ip ipn; - if (m->m_pkthdr.len - skip < sizeof(struct ip)) { IPSEC_ISTAT(sproto, espstat.esps_hdrops, ahstat.ahs_hdrops,
@@ -332,9 +330,8 @@ ipsec4_common_input_cb(struct mbuf *m, s error = EINVAL; goto bad; } - /* ipn will now contain the inner IPv4 header */ - m_copydata(m, ip->ip_hl << 2, sizeof(struct ip), - (caddr_t) &ipn); + /* remove the outer IPv4 header */ + m_striphdr(m, 0, ip->ip_hl << 2); #ifdef notyet /* XXX PROXY address isn't recorded in SAH */
>Release-Note:
>Audit-Trail:
>Unformatted:
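Review bot: the first hunk (@@ -323,8 +323,6 @@) drops the `struct ip ipn;` declaration, but the `#ifdef notyet` proxy-address block that follows the second hunk is, per the removed comment "ipn will now contain the inner IPv4 header", the consumer of that copy; after this change that block no longer has an inner header to read and will not compile if it is ever enabled. Either remove the notyet block together with the declaration, or leave a one-line comment there noting that the inner header must now be read from offset 0 of the mbuf after the strip.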
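Review bot: in the second hunk (@@ -332,9 +330,8 @@) the return value of `m_striphdr(m, 0, ip->ip_hl << 2);` is discarded, while the length check three lines above it takes the `error = EINVAL; goto bad;` path on failure; if m_striphdr can fail (its int return suggests it can), write it as `error = m_striphdr(m, 0, ip->ip_hl << 2); if (error) goto bad;` so a packet whose outer header was not stripped is never handed up as an inner datagram. Two things to confirm along with that: once the outer header is gone, `ip` and `skip` describe bytes that are no longer at the front of the mbuf, so nothing later in ipsec4_common_input_cb may keep using them; and since the description says the extra ip_input pass is what used to remove the header, any check the IPIP input path applied to the inner packet on that pass is now bypassed, so the inner header deserves at least a minimal sanity check here (version, header length, ip_len against the remaining packet length) before the packet is re-dispatched.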
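The decapsulation step the report describes, as an added stand-alone example that is not part of the PR or of FreeBSD's netipsec code: a flat-buffer model of the IPIP branch of ipsec4_common_input_cb, with the report's "is there room for an inner IPv4 header" check, the outer-header strip that the patch does with m_striphdr, and a sanity check of the inner header that the kernel code does not perform. The function names (ipip_decap, build_sample, demo) and the sample packet are constructed for this example.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#include <stdio.h>

#define IPPROTO_IPIP  4    /* IP-in-IP, same value as in netinet/in.h */
#define IPPROTO_UDP   17
#define IPV4_MIN_HLEN 20

/* Field accessors for a raw IPv4 header in network byte order. */
static unsigned ip_version(const uint8_t *h)   { return h[0] >> 4; }
static size_t   ip_hlen(const uint8_t *h)      { return (size_t)(h[0] & 0x0f) * 4; }
static size_t   ip_total_len(const uint8_t *h) { return ((size_t)h[2] << 8) | h[3]; }

/*
 * Model of the IPIP branch: `pkt` holds the outer IPv4 header (protocol IPIP)
 * followed by the inner datagram, as the mbuf looks once the ESP/AH header has
 * already been removed. On success the inner datagram is moved to the front of
 * the buffer and its length is returned; 0 means "drop", the analogue of the
 * kernel's `goto bad` path.
 */
size_t ipip_decap(uint8_t *pkt, size_t len)
{
    if (len < IPV4_MIN_HLEN || ip_version(pkt) != 4)
        return 0;
    size_t outer_hlen = ip_hlen(pkt);                    /* ip->ip_hl << 2 */
    if (outer_hlen < IPV4_MIN_HLEN || outer_hlen > len || pkt[9] != IPPROTO_IPIP)
        return 0;

    /* The check from the report: room for an inner IPv4 header at all? */
    if (len - outer_hlen < IPV4_MIN_HLEN)
        return 0;

    /* Validate the inner header before it is handed to the IP input path. */
    const uint8_t *inner = pkt + outer_hlen;
    size_t inner_hlen = ip_hlen(inner);
    size_t inner_len = ip_total_len(inner);
    if (ip_version(inner) != 4 || inner_hlen < IPV4_MIN_HLEN ||
        inner_len < inner_hlen || inner_len > len - outer_hlen)
        return 0;

    /* The m_striphdr(m, 0, ip->ip_hl << 2) step: drop the outer header. */
    memmove(pkt, inner, inner_len);
    return inner_len;
}

/* Write a minimal IPv4 header: no options, checksum left at zero. */
static void write_ipv4(uint8_t *h, uint8_t proto, uint16_t total_len,
                       uint32_t src, uint32_t dst)
{
    memset(h, 0, IPV4_MIN_HLEN);
    h[0] = 0x45;                          /* version 4, 5 words of header */
    h[2] = (uint8_t)(total_len >> 8);
    h[3] = (uint8_t)total_len;
    h[8] = 64;                            /* ttl */
    h[9] = proto;
    for (int i = 0; i < 4; i++) {
        h[12 + i] = (uint8_t)(src >> (24 - 8 * i));
        h[16 + i] = (uint8_t)(dst >> (24 - 8 * i));
    }
}

/*
 * Constructed sample (not a capture): outer 10.0.0.1 -> 10.0.0.2 carrying an
 * inner 192.168.1.1 -> 192.168.1.2 UDP datagram with `payload` bytes 0,1,2,...
 * Returns the total number of bytes written to `buf` (44 for payload == 4).
 */
size_t build_sample(uint8_t *buf, size_t payload)
{
    size_t inner_len = IPV4_MIN_HLEN + payload;
    size_t total = IPV4_MIN_HLEN + inner_len;
    write_ipv4(buf, IPPROTO_IPIP, (uint16_t)total, 0x0a000001u, 0x0a000002u);
    write_ipv4(buf + IPV4_MIN_HLEN, IPPROTO_UDP, (uint16_t)inner_len,
               0xc0a80101u, 0xc0a80102u);
    for (size_t i = 0; i < payload; i++)
        buf[2 * IPV4_MIN_HLEN + i] = (uint8_t)i;
    return total;
}

/*
 * Decapsulate the sample after truncating it to `avail` bytes (0 = whole
 * packet). Returns the inner length, or 0 when the packet is dropped; if
 * `inner_proto_out` is non-NULL it receives the protocol byte now at the front
 * of the buffer (-1 when dropped).
 */
size_t demo(size_t avail, int *inner_proto_out)
{
    uint8_t buf[64];
    size_t n = build_sample(buf, 4);
    if (avail == 0 || avail > n)
        avail = n;
    size_t r = ipip_decap(buf, avail);
    if (inner_proto_out)
        *inner_proto_out = r ? buf[9] : -1;
    return r;
}

int demo_inner_proto(void) { int p; demo(0, &p); return p; }

int main(void)
{
    size_t full = demo(0, NULL);
    printf("full packet: inner len %zu, inner proto %d\n", full, demo_inner_proto());
    printf("truncated to 30 bytes: %zu (0 = dropped by the report's check)\n", demo(30, NULL));
    printf("truncated to 42 bytes: %zu (0 = dropped by the inner-header check)\n", demo(42, NULL));
    return 0;
}
```

The 30-byte truncation is caught by the report's own check (only 10 bytes follow the outer header); the 42-byte truncation passes that check but is caught because the inner ip_len (24) claims more bytes than remain (22), which is the kind of inner-header validation a direct strip skips when the packet no longer takes the extra ip_input pass.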