xfrm: Accept XFRM_STATE_AF_UNSPEC SAs on IPv4/IPv6 only hosts

Installing SAs using the XFRM_STATE_AF_UNSPEC fails on hosts with support for one address family only. This patch accepts such SAs, even if the processing of not supported packets will fail. Signed-off-by: Martin Willi <[email protected]> Signed-off-by: David S. Miller <[email protected]>
RyanHsu · Dec 3, 2008 · d81d228 · d81d228
1 parent 29fa0b3
commit d81d228
Showing 1 changed file with 11 additions and 15 deletions.
diff --git a/net/xfrm/xfrm_state.c b/net/xfrm/xfrm_state.c
@@ -2022,31 +2022,27 @@ int xfrm_init_state(struct xfrm_state *x)
 		x->inner_mode = inner_mode;
 	} else {
 		struct xfrm_mode *inner_mode_iaf;
+		int iafamily = AF_INET;
 
-		inner_mode = xfrm_get_mode(x->props.mode, AF_INET);
+		inner_mode = xfrm_get_mode(x->props.mode, x->props.family);
 		if (inner_mode == NULL)
 			goto error;
 
 		if (!(inner_mode->flags & XFRM_MODE_FLAG_TUNNEL)) {
 			xfrm_put_mode(inner_mode);
 			goto error;
 		}
+		x->inner_mode = inner_mode;
 
-		inner_mode_iaf = xfrm_get_mode(x->props.mode, AF_INET6);
-		if (inner_mode_iaf == NULL)
-			goto error;
+		if (x->props.family == AF_INET)
+			iafamily = AF_INET6;
 
-		if (!(inner_mode_iaf->flags & XFRM_MODE_FLAG_TUNNEL)) {
-			xfrm_put_mode(inner_mode_iaf);
-			goto error;
-		}
-
-		if (x->props.family == AF_INET) {
-			x->inner_mode = inner_mode;
-			x->inner_mode_iaf = inner_mode_iaf;
-		} else {
-			x->inner_mode = inner_mode_iaf;
-			x->inner_mode_iaf = inner_mode;
+		inner_mode_iaf = xfrm_get_mode(x->props.mode, iafamily);
+		if (inner_mode_iaf) {
+			if (inner_mode_iaf->flags & XFRM_MODE_FLAG_TUNNEL)
+				x->inner_mode_iaf = inner_mode_iaf;
+			else
+				xfrm_put_mode(inner_mode_iaf);
 		}
 	}