Subject: CVS commit: [netbsd-2-0] src/sys/netipsec
To: None <>
From: Matthias Scheler <>
List: source-changes
Date: 05/11/2004 12:30:46
Module Name:	src
Committed By:	tron
Date:		Tue May 11 12:30:46 UTC 2004

Modified Files:
	src/sys/netipsec [netbsd-2-0]: xform_ah.c

Log Message:
Pull up revision 1.7 (requested by jonathan in ticket #283):
Commit an old diff for AH which has been in my personal tree since
August 2003:
On NetBSD, when we get to ah_massage_headers(), ip->ip_len is in
network byte order and includes all bytes in the input packet.
Therefore we don't need to byte-swap it or to add `skip' back in,
before verifying the receive-side hash.
With this change, AH transport mode works against FreeBSD 4.9 fast-ipsec
(which also works against Win2k, &c., &c.).

To generate a diff of this commit:
cvs rdiff -r1.6 -r1.6.2.1 src/sys/netipsec/xform_ah.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.