Mailing List Archive

svn commit: vpnc r465 - /branches/vpnc-nortel/tunip.c /trunk/tunip.c
Author: Antonio Borneo
Date: Tue Nov 8 16:52:17 2011
New Revision: 465

Log:
Alexey Sopov <suntechnic@gmail.com>

When there's no encryption, vpnc sets default block size
to 8 byte (see line #2693 in trunk/vpnc.c) for ESP padding.
This works well in TX but can fail in RX.
Connecting to Cisco ASA 5540 without encryption gets
syslog messages:
vpnc[]: payload len 292 not a multiple of algorithm block size 8
vpnc[]: payload len 316 not a multiple of algorithm block size 8
This patch keeps 8 byte padding in TX for backward
compatibility and bypasses the check in RX.

Modified:
branches/vpnc-nortel/tunip.c
trunk/tunip.c

Modified: branches/vpnc-nortel/tunip.c
==============================================================================
--- branches/vpnc-nortel/tunip.c (original)
+++ branches/vpnc-nortel/tunip.c Tue Nov 8 16:52:17 2011
@@ -521,7 +521,7 @@
}

blksz = s->ipsec.blk_len;
- if ((len % blksz) != 0) {
+ if (s->ipsec.cry_algo && ((len % blksz) != 0)) {
syslog(LOG_ALERT,
"payload len %d not a multiple of algorithm block size %lu", len,
(unsigned long)blksz);
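
Review bot: On the changed `if` line, skipping the test whenever `s->ipsec.cry_algo` is zero drops all length validation for unencrypted ESP on receive, where a narrower check would do. ESP (RFC 4303) still requires the padded payload to end on a 4-byte boundary when no cipher is in use, and both lengths quoted in the commit log (292 and 316) are multiples of 4. If `len` here covers the padded payload, consider keeping the check with a 4-byte modulus for the null case, for example `blksz = s->ipsec.cry_algo ? s->ipsec.blk_len : 4;` ahead of the unchanged `(len % blksz) != 0` test. Malformed lengths would then still reach the existing `syslog(LOG_ALERT, ...)` path while the packets the ASA sends are accepted.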

Modified: trunk/tunip.c
==============================================================================
--- trunk/tunip.c (original)
+++ trunk/tunip.c Tue Nov 8 16:52:17 2011
@@ -521,7 +521,7 @@
}

blksz = s->ipsec.blk_len;
- if ((len % blksz) != 0) {
+ if (s->ipsec.cry_algo && ((len % blksz) != 0)) {
syslog(LOG_ALERT,
"payload len %d not a multiple of algorithm block size %lu", len,
(unsigned long)blksz);
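
Review bot: The changed `if` line in trunk relies on `s->ipsec.cry_algo` being zero to mean "no encryption", and nothing in the hunk documents that. A short comment above the condition, stating that the 8-byte `blk_len` default for the null cipher is a TX padding choice and is deliberately not enforced on RX, would keep a later reader from restoring the unconditional check. The commit message's pointer to "line #2693 in trunk/vpnc.c" will go stale as that file changes, so the explanation belongs in the code. The same edit is applied to branches/vpnc-nortel/tunip.c, so the comment should go in both copies.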
