]> err.no Git - linux-2.6/commitdiff
[XFRM]: beet: use IPOPT_NOP for option padding
authorPatrick McHardy <kaber@trash.net>
Thu, 5 Apr 2007 22:54:39 +0000 (15:54 -0700)
committerDavid S. Miller <davem@davemloft.net>
Thu, 5 Apr 2007 22:54:39 +0000 (15:54 -0700)
draft-nikander-esp-beet-mode-07.txt states "The padding MUST be filled
with NOP options as defined in Internet Protocol [1] section 3.1
Internet header format.", so do that.

Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
net/ipv4/xfrm4_mode_beet.c

index 16efc66a7c3f5eccda3e47983c3dc15f97ce609e..f8544b7f02dec483838cefe15837f1fef92fe752 100644 (file)
@@ -54,6 +54,8 @@ static int xfrm4_beet_output(struct xfrm_state *x, struct sk_buff *skb)
                ph->padlen = 4 - (optlen & 4);
                ph->hdrlen = (optlen + ph->padlen + sizeof(*ph)) / 8;
                ph->nexthdr = top_iph->protocol;
+               if (ph->padlen)
+                       memset(ph + 1, IPOPT_NOP, ph->padlen);
 
                top_iph->protocol = IPPROTO_BEETPH;
                top_iph->ihl = sizeof(struct iphdr) / 4;