lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-Id: <20070326.144843.72708308.davem@davemloft.net>
Date:	Mon, 26 Mar 2007 14:48:43 -0700 (PDT)
From:	David Miller <davem@...emloft.net>
To:	eparis@...hat.com
Cc:	latten@...tin.ibm.com, netdev@...r.kernel.org,
	herbert@...dor.apana.org.au, jmorris@...ei.org, paul.moore@...com,
	vyekkirala@...stedcs.com
Subject: Re: [PATCH]: SAD sometimes has double SAs.

From: Eric Paris <eparis@...hat.com>
Date: Mon, 26 Mar 2007 17:34:59 -0400

> I'm not at all able to speak on the correctness or validity of the
> solution,

Neither am I yet :)

> but shouldn't the ipv6 case be a && not an || like the ipv4
> case?  Isn't this going to match all sorts of things?  Did you test this
> patch on ipv6 and see it to solve your problem?
> 
> I'm also not enjoying the formatting in the ipv6 part where the first
> time you have the cast on the same time as the object but not the second
> part where x->props.saddr.a6 is on its own little line.

Also, I want to understand what is going to tear down these
"other direction" fake entries later on?  I think I can review
this patch better if I understand that.

As it stands, this looks to me like a workaround for an improperly
implemented IPSEC daemon.  Joy states it as saying that the current
code requires the keying daemon to manage it's SAs, and I wonder
whether any other implementation is even valid.

There is a limit to the amount to which we can workaround racoon's
design issues. :-)
-
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ