* AH transformation broken since 2.5.56
@ 2003-01-22 13:31 Brice Goglin
2003-01-24 2:21 ` David S. Miller
0 siblings, 1 reply; 4+ messages in thread
From: Brice Goglin @ 2003-01-22 13:31 UTC (permalink / raw)
To: linux-kernel; +Cc: davem, kuznet
Hi,
Support for IPsec AH in net/ipv4/ah.c is broken since 2.5.56
(still broken in 2.5.59).
I tried with CONFIG_INET_AH=y and m, I got the same error :
make -f scripts/Makefile.build obj=net/ipv4
gcc -Wp,-MD,net/ipv4/.ah.o.d -D__KERNEL__ -Iinclude -Wall -Wstrict-prototypes
-Wno-trigraphs -O2 -fno-strict-aliasing -fno-common -pipe
-mpreferred-stack-boundary=2 -march=i686 -Iinclude/asm-i386/mach-default
-fomit-frame-pointer -nostdinc -iwithprefix include -DMODULE
-DKBUILD_BASENAME=ah -DKBUILD_MODNAME=ah -c -o net/ipv4/ah.o net/ipv4/ah.c
net/ipv4/ah.c: In function `ah_hmac_digest':
net/ipv4/ah.c:154: warning: implicit declaration of function `crypto_hmac_init'
net/ipv4/ah.c:155: `crypto_hmac_update' undeclared (first use in this function)
net/ipv4/ah.c:155: (Each undeclared identifier is reported only once
net/ipv4/ah.c:155: for each function it appears in.)
net/ipv4/ah.c:156: warning: implicit declaration of function `crypto_hmac_final'
make[2]: *** [net/ipv4/ah.o] Erreur 1
make[1]: *** [net/ipv4] Erreur 2
make: *** [net] Erreur 2
Regards
Brice Goglin
============
Ph.D Student
Laboratoire de l'Informatique et du Parallélisme
ENS Lyon
France
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: AH transformation broken since 2.5.56
2003-01-22 13:31 AH transformation broken since 2.5.56 Brice Goglin
@ 2003-01-24 2:21 ` David S. Miller
0 siblings, 0 replies; 4+ messages in thread
From: David S. Miller @ 2003-01-24 2:21 UTC (permalink / raw)
To: bgoglin; +Cc: linux-kernel, kuznet
From: Brice Goglin <bgoglin@ens-lyon.fr>
Date: Wed, 22 Jan 2003 14:31:07 +0100
Support for IPsec AH in net/ipv4/ah.c is broken since 2.5.56
(still broken in 2.5.59).
I tried with CONFIG_INET_AH=y and m, I got the same error :
You have to enable CONFIG_CRYPTO_HMAC if you want to enable
CONFIG_INET_AH
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: AH transformation broken since 2.5.56
2003-01-24 10:05 Brice Goglin
@ 2003-01-24 19:52 ` David S. Miller
0 siblings, 0 replies; 4+ messages in thread
From: David S. Miller @ 2003-01-24 19:52 UTC (permalink / raw)
To: bgoglin; +Cc: linux-kernel
From: Brice Goglin <bgoglin@ens-lyon.fr>
Date: Fri, 24 Jan 2003 11:05:30 +0100
My problem was based on the fact that you can disable
CONFIG_CRYPTO_HMAC by disabling CONFIG_CRYPTO. But this will not
disable CONFIG_INET_AH.
Shouldn't there be a fix in dependencies between CONFIG_CRYPTO
and CONFIG_CRYPTO_HMAC, or between CONFIG_INET_AH and
CONFIG_CRYPTO ?
If you override the defaults, the responsibility lands in your
hands to do the right thing.
The only facility we have right now is to choose the defaults
sensibly for you, and if you look at crypto/Kconfig we are
doing exactly that. It checks there fore whether AH or ESP
have been enabled, and chooses a default based upon that.
Also, CRYPTO selection comes after the ipsec choices. So the
only thing we can do is make decisions based upon whether
you've enabled AH or ESP not the other way around.
Whether there should be a way to FORCE config options on or off
(instead of controlling the default) to avoid situations like this is
a seperate topic.
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: AH transformation broken since 2.5.56
@ 2003-01-24 10:05 Brice Goglin
2003-01-24 19:52 ` David S. Miller
0 siblings, 1 reply; 4+ messages in thread
From: Brice Goglin @ 2003-01-24 10:05 UTC (permalink / raw)
To: davem; +Cc: linux-kernel
> From: David S. Miller (davem@redhat.com)
> Date: Thu Jan 23 2003 - 21:21:14 EST
>
> From: Brice Goglin <bgoglin@ens-lyon.fr>
> Date: Wed, 22 Jan 2003 14:31:07 +0100
>
> Support for IPsec AH in net/ipv4/ah.c is broken since 2.5.56
>
> (still broken in 2.5.59).
> I tried with CONFIG_INET_AH=y and m, I got the same error :
>
> You have to enable CONFIG_CRYPTO_HMAC if you want to enable
> CONFIG_INET_AH
Ok, thanks.
I just saw that net/ipv4/Kconfig make CONFIG_INET_AH depend on
CONFIG_CRYPTO_HMAC.
My problem was based on the fact that you can disable
CONFIG_CRYPTO_HMAC by disabling CONFIG_CRYPTO. But this will not
disable CONFIG_INET_AH.
Shouldn't there be a fix in dependencies between CONFIG_CRYPTO
and CONFIG_CRYPTO_HMAC, or between CONFIG_INET_AH and
CONFIG_CRYPTO ?
Regards
Brice Goglin
============
Ph.D Student
Laboratoire de l'Informatique du Parallélisme
ENS Lyon
France
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2003-01-24 19:54 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2003-01-22 13:31 AH transformation broken since 2.5.56 Brice Goglin
2003-01-24 2:21 ` David S. Miller
2003-01-24 10:05 Brice Goglin
2003-01-24 19:52 ` David S. Miller
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).