[IPSEC] esp: Remove NAT-T checksum invalidation for BEET

I pointed this out back when this patch was first proposed but it looks like
it got lost along the way.

The checksum only needs to be ignored for NAT-T in transport mode where
we lose the original inner addresses due to NAT.  With BEET the inner
addresses will be intact so the checksum remains valid.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: David S. Miller <davem@davemloft.net>

diff --git a/net/ipv4/esp4.c b/net/ipv4/esp4.c
index 452910dae89fbfca056c6f79ce7ac8e3c8427b59..1af332df72d999ede767e9d4f7f71222c5035270 100644 (file)
--- a/net/ipv4/esp4.c
+++ b/net/ipv4/esp4.c
@@ -261,8 +261,7 @@ static int esp_input(struct xfrm_state *x, struct sk_buff *skb)
                 *    as per draft-ietf-ipsec-udp-encaps-06,
                 *    section 3.1.2
                 */
-               if (x->props.mode == XFRM_MODE_TRANSPORT ||
-                   x->props.mode == XFRM_MODE_BEET)
+               if (x->props.mode == XFRM_MODE_TRANSPORT)
                        skb->ip_summed = CHECKSUM_UNNECESSARY;
        }