On Fri, Jul 23, 2004 at 01:37:37PM -0700, David S. Miller wrote:

On Fri, 23 Jul 2004 23:53:21 +1000
Herbert Xu [off-list ref] wrote:

quoted

As we discussed before, mutable headers should not be allowed after
the AH header.  In fact, this appears to be the intention of RFC 2402.
It is further clarified in section 3.1.1 of

Applied, thanks Herbert.

Unfortunately I broke ah6_input() in that patch.  Thanks to Miyazawa-san
for notifying me of the problem.

In that patch I removed the nh_offset parameter to ipv6_clear_mutable_options.
That broke ah6_input() because it relies on that variable to set the nexthdr.

The following patch fixes this by moving this work out to the caller
xfrm6_rcv() where the information is already available.  It also removes
an unnecessary call to ip6_find_1stfragopt() in xfrm6_rcv() since nhoffp
already points to the nexthdr preceding the current header.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>

Cheers,
-- 
Visit Openswan at http://www.openswan.org/
Email: Herbert Xu ~{PmV>HI~} [off-list ref]
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt