[IPv4] ESP: Discard dummy packets introduced in rfc4303

RFC4303 introduces dummy packets with a nexthdr value of 59
to implement traffic confidentiality. Such packets need to
be dropped silently and the payload may not be attempted to
be parsed as it consists of random chunk.

Signed-off-by: Thomas Graf <tgraf@suug.ch>
Signed-off-by: David S. Miller <davem@davemloft.net>

net/ipv4/esp4.c

@@ -9,6 +9,7 @@
 #include <linux/pfkeyv2.h>
 #include <linux/random.h>
 #include <linux/spinlock.h>
+#include <linux/in6.h>
 #include <net/icmp.h>
 #include <net/protocol.h>
 #include <net/udp.h>
@@ -224,6 +225,10 @@ static int esp_input(struct xfrm_state *x, struct sk_buff *skb)
 
 	/* ... check padding bits here. Silly. :-) */
 
+	/* RFC4303: Drop dummy packets without any error */
+	if (nexthdr[1] == IPPROTO_NONE)
+		goto out;
+
 	iph = ip_hdr(skb);
 	ihl = iph->ihl * 4;