[Bug 222684] IPv6 AH hmac-sha2-384 is incompatible with Linux AH hmac(sha384)
bugzilla-noreply at freebsd.org
bugzilla-noreply at freebsd.org
Mon Jun 4 18:51:16 UTC 2018
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=222684
--- Comment #16 from commit-hook at freebsd.org ---
A commit references this bug:
Author: cem
Date: Mon Jun 4 18:51:07 UTC 2018
New revision: 334625
URL: https://svnweb.freebsd.org/changeset/base/334625
Log:
Correctly handle the padding for IPv6-AH, as specified by RFC4302
The RFC specifies that under IPv6 the complete AH header must be 64 bit
aligned, and under IPv4, 32 bit aligned. Prior to this change, we (along
with other BSDs and MacOS) had violated this requirement.
This makes it possible to set up IPv6-AH between Linux and BSD, and also
probably between Windows and BSD.
PR: 222684
Reported and tested by: Jason Mader <jasonmader AT gmail.com>
Obtained from: NetBSD xform_ah.c 1.105
(b939fe2483972eb43d71bf990cfb7f26dece7839 NetBSD/src on GH)
by Maxime Villard
MFC after: 35.2731 hours
Relnotes: probably (breaks ipv6 compat with older FreeBSD/NetBSD/MacOS)
Sponsored by: Dell EMC Isilon
Changes:
head/sys/netipsec/xform_ah.c
--
You are receiving this mail because:
You are the assignee for the bug.
More information about the freebsd-bugs
mailing list