Module Name: src
Committed By: martin
Date: Fri Jun 22 17:54:47 UTC 2018
Modified Files:
src/sys/netipsec [netbsd-8]: xform_ah.c
Log Message:
Pull up following revision(s) (requested by maxv in ticket #889):
sys/netinet6/ip6_output.c: revision 1.205
sys/netipsec/xform_ah.c: revision 1.90,1.93,1.102,1.103
Simplify the IPv4 parser. Get the option length in 'optlen', and sanitize
it earlier. A new check is added (off + optlen > skip).
In the IPv6 parser we reuse 'optlen', and remove 'ad' as a result.
Remove the kernel RH0 code. RH0 is deprecated by RFC5095, for security
reasons. RH0 was already removed in the kernel's input path, but some
parts were still present in the output path: they are now removed.
Sent on tech-net@ a few days ago.
Fix non-INET6 builds
Strengthen and simplify, once more.
To generate a diff of this commit:
cvs rdiff -u -r1.54.2.6 -r1.54.2.7 src/sys/netipsec/xform_ah.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
