On Friday 21 December 2007 4:43:10 am David Miller wrote: > From: Paul Moore <[EMAIL PROTECTED]> > Date: Thu, 20 Dec 2007 16:42:25 -0500 > > > This patch adds a number of new IPsec audit events to meet the auditing > > requirements of RFC4303. This includes audit hooks for the following > > events: > > > > * Could not find a valid SA [sections 2.1, 3.4.2] > > . xfrm_audit_state_notfound() > > . xfrm_audit_state_notfound_simple() > > > > * Sequence number overflow [section 3.3.3] > > . xfrm_audit_state_replay_overflow() > > > > * Replayed packet [section 3.4.3] > > . xfrm_audit_state_replay() > > > > * Integrity check failure [sections 3.4.4.1, 3.4.4.2] > > . xfrm_audit_state_icvfail() > > > > While RFC4304 deals only with ESP most of the changes in this patch apply > > to IPsec in general, i.e. both AH and ESP. The one case, integrity check > > failure, where ESP specific code had to be modified the same was done to > > the AH code for the sake of consistency. > > > > Signed-off-by: Paul Moore <[EMAIL PROTECTED]> > > This doesn't apply at all to net-2.6.25, in particular > xfrm6_input_addr() doesn't even have a local variable > named "xfrm_vec_one" let alone the conditional where you're > adding the state notfound audit hook. > > Please respin this and the third patch, thanks.
Sorry about that, I must have missed something (or probably just updated the wrong tree on accident). I'll respin the patches and send them out today. -- paul moore linux security @ hp -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
