netdev
[Top] [All Lists]

Re: [XFRM]: Fix ICMP tempsel

To: Patrick McHardy <kaber@xxxxxxxxx>
Subject: Re: [XFRM]: Fix ICMP tempsel
From: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx>
Date: Sun, 20 Feb 2005 22:12:19 +1100
Cc: "YOSHIFUJI Hideaki / ?$B5HF#1QL@" <yoshfuji@xxxxxxxxxxxxxx>, davem@xxxxxxxxxxxxx, netdev@xxxxxxxxxxx
In-reply-to: <42184BC2.1030907@trash.net>
References: <4217266F.6090700@trash.net> <20050219184351.GB10773@gondor.apana.org.au> <42182082.9060301@trash.net> <20050220.155527.54695259.yoshfuji@linux-ipv6.org> <20050220073719.GA13008@gondor.apana.org.au> <42184BC2.1030907@trash.net>
Sender: netdev-bounce@xxxxxxxxxxx
User-agent: Mutt/1.5.6+20040722i
On Sun, Feb 20, 2005 at 09:35:14AM +0100, Patrick McHardy wrote:
> 
> On second thought .. isn't there a risk of confusing userspace by
> changing the masks ?

It only affects xfrm_user users, of which I only know two -- Openswan
and ip(8).  Neither of which should care about it.

However, I forgot to do the fixup in __xfrm[46]_init_tempsel and
that is going to confuse the kernel itself :)

It is looking more and more like a nasty hack though so maybe
it's not worth it since the policy checks are still bloated enough
even after we do this.

Cheers,
-- 
Visit Openswan at http://www.openswan.org/
Email: Herbert Xu ~{PmV>HI~} <herbert@xxxxxxxxxxxxxxxxxxx>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

<Prev in Thread] Current Thread [Next in Thread>