Module Name: src
Committed By: christos
Date: Tue Jun 4 22:47:37 UTC 2013
Modified Files:
src/sys/netinet: ip_output.c udp_usrreq.c
src/sys/netipsec: files.netipsec ipsec.c ipsec.h ipsec_input.c
ipsec_output.c key.c key.h keydb.h xform_ah.c xform_esp.c
xform_ipcomp.c
Log Message:
PR/47886: Dr. Wolfgang Stukenbrock: IPSEC_NAT_T enabled kernels may access
outdated pointers and pass ESP data to UPD-sockets.
While here, simplify the code and remove the IPSEC_NAT_T option; always
compile nat-traversal in so that it does not bitrot.
To generate a diff of this commit:
cvs rdiff -u -r1.218 -r1.219 src/sys/netinet/ip_output.c
cvs rdiff -u -r1.187 -r1.188 src/sys/netinet/udp_usrreq.c
cvs rdiff -u -r1.10 -r1.11 src/sys/netipsec/files.netipsec
cvs rdiff -u -r1.57 -r1.58 src/sys/netipsec/ipsec.c
cvs rdiff -u -r1.31 -r1.32 src/sys/netipsec/ipsec.h
cvs rdiff -u -r1.29 -r1.30 src/sys/netipsec/ipsec_input.c \
src/sys/netipsec/xform_ipcomp.c
cvs rdiff -u -r1.38 -r1.39 src/sys/netipsec/ipsec_output.c \
src/sys/netipsec/xform_ah.c
cvs rdiff -u -r1.79 -r1.80 src/sys/netipsec/key.c
cvs rdiff -u -r1.11 -r1.12 src/sys/netipsec/key.h
cvs rdiff -u -r1.12 -r1.13 src/sys/netipsec/keydb.h
cvs rdiff -u -r1.41 -r1.42 src/sys/netipsec/xform_esp.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
