Mailinglist Archive: opensuse-bugs (4247 mails)

< Previous Next >
[Bug 1019412] New: ip xfrm auth-trunc off by 32-bits
  • From: bugzilla_noreply@xxxxxxxxxx
  • Date: Wed, 11 Jan 2017 18:09:00 +0000
  • Message-id: <bug-1019412-21960@http.bugzilla.opensuse.org/>
http://bugzilla.opensuse.org/show_bug.cgi?id=1019412


Bug ID: 1019412
Summary: ip xfrm auth-trunc off by 32-bits
Classification: openSUSE
Product: openSUSE Distribution
Version: Leap 42.1
Hardware: Other
OS: Other
Status: NEW
Severity: Minor
Priority: P5 - None
Component: Network
Assignee: bnc-team-screening@xxxxxxxxxxxxxxxxxxxxxx
Reporter: jmader2@xxxxxxx
QA Contact: qa-bugs@xxxxxxx
Found By: ---
Blocker: ---

When setting IPsec state using one of the SHA2 hmac's, auth-trunc values above
maybe 160 bits seem to be off by 32-bits. So if truncating to 192 bits
(default), actually putting 224 bits on the wire — and it also seems causing
IPsec to expect to see 224 bits on the wire.

ip xfrm state add src SRC dst DST proto ah spi 0xa0ceb401 auth-trunc
"hmac(sha384)" 0x96HEXKEY 192 mode transport

Linux 4.1.20-11-default

--
You are receiving this mail because:
You are on the CC list for the bug.
< Previous Next >
This Thread
  • No further messages