Link [ NetBSD | NetBSD OpenGrok source search | PR fulltext-search | Summary of daily snapshot builds | history of daily build result | pkgsrc commit viewer ]


   
        usage: [branch:branch] [user:user] [path@revision] keyword [... [-excludekeyword [...]]] (e.g. branch:MAIN sys/arch/arm, if_wm.c@1.234 )


[ 1 ]


switch to index mode

recent branches: MAIN (1h)  netbsd-10 (30d)  netbsd-9 (30d)  netbsd-8 (35d) 

2024-06-16 01:33:37 UTC Now

2018-03-31 10:41:06 UTC netbsd-8 commitmail json YAML

src/sys/netinet/in_proto.c@1.123.4.3 / diff / nxr@1.123.4.3
src/sys/netinet6/in6_proto.c@1.117.4.4 / diff / nxr@1.117.4.4

Pull up following revision(s) (requested by maxv in ticket #676):

sys/netinet/in_proto.c: revision 1.127
sys/netinet6/in6_proto.c: revision 1.122

Add the PR_LASTHDR flag on the PFsync and CARP entries. Otherwise a
"require" IPsec policy is not enforced on them, and unauthenticated
packets will be accepted.

Tested with a require-AH configuration. Sent on tech-net@, no comment.

(martin)

[ 1 ]