Revert "xfrm: Accept ESP packets regardless of UDP encapsulation mode"
This reverts commit e061b165c7
.
Signed-off-by: David S. Miller <davem@davemloft.net>
This commit is contained in:
parent
49ad9599d4
commit
3de77cf23e
1 changed files with 5 additions and 0 deletions
|
@ -167,6 +167,11 @@ int xfrm_input(struct sk_buff *skb, int nexthdr, __be32 spi, int encap_type)
|
|||
goto drop_unlock;
|
||||
}
|
||||
|
||||
if ((x->encap ? x->encap->encap_type : 0) != encap_type) {
|
||||
XFRM_INC_STATS(net, LINUX_MIB_XFRMINSTATEMISMATCH);
|
||||
goto drop_unlock;
|
||||
}
|
||||
|
||||
if (x->props.replay_window && xfrm_replay_check(x, skb, seq)) {
|
||||
XFRM_INC_STATS(net, LINUX_MIB_XFRMINSTATESEQERROR);
|
||||
goto drop_unlock;
|
||||
|
|
Loading…
Reference in a new issue