[IPSEC] Find larval SAs by sequence number

To:	kuznet@xxxxxxxxxxxxx, davem@xxxxxxxxxxxxx, jmorris@xxxxxxxxxx, netdev@xxxxxxxxxxx
Subject:	[IPSEC] Find larval SAs by sequence number
From:	Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx>
Date:	Thu, 9 Sep 2004 22:13:32 +1000
Sender:	netdev-bounce@xxxxxxxxxxx
User-agent:	Mutt/1.5.6+20040722i

Hi:

When larval states are generated along with ACQUIRE messages, we should
use the sequence to find the corresponding larval state when creating
states with ADD_SA or ALLOC_SPI.

If we don't do that, then it may take down an unrelated larval state
with the same parameters (think different TCP sessions).  This not only
leaves behind a larval state that shouldn't be there, it may also cause
another ACQUIRE message to be sent unnecessarily.

Signed-off-by: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx>

Cheers,
-- 
Visit Openswan at http://www.openswan.org/
Email: Herbert Xu ~{PmV>HI~} <herbert@xxxxxxxxxxxxxxxxxxx>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

byseq.patch
Description: Text document

<Prev in Thread]	Current Thread	[Next in Thread>
[IPSEC] Find larval SAs by sequence number, Herbert Xu <= Re: [IPSEC] Find larval SAs by sequence number, David S. Miller

Previous by Date:	Re: Bad: scheduling while atomic! in 2.6.8.1, Wolfgang Walter
Next by Date:	[IPCOMP] Use per-cpu buffers, Herbert Xu
Previous by Thread:	2.6.9-rc1+bk: assertion tcp_get_pcount failed at net/ipv4/tcp_input.c, Alex Riesen
Next by Thread:	Re: [IPSEC] Find larval SAs by sequence number, David S. Miller
Indexes:	[Date] [Thread] [Top] [All Lists]