lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Wed, 18 Jul 2007 21:39:33 +0300 From: Mika Penttilä <mika.penttila@...umbus.fi> To: Patrick McHardy <kaber@...sh.net> CC: Beschorner Daniel <Daniel.Beschorner@...ton.com>, netdev@...r.kernel.org Subject: Re: pmtu discovery on SA Patrick McHardy wrote: > Mika Penttilä wrote: > >> Patrick McHardy wrote: >> >> >>> Its a debugging message nowadays (NETDEBUG). I was mostly interested >>> in this since I changed the IPsec MTU calculation in 2.6.22 and it >>> might have been a bug. >>> >>> >>> >> And we don't have pmtu discovery for esp yet, right? >> > > > We do. The best I have seen to date in any IPsec implementation :) > - > To unsubscribe from this list: send the line "unsubscribe netdev" in > the body of a message to majordomo@...r.kernel.org > More majordomo info at http://vger.kernel.org/majordomo-info.html > > Hmm. esp4_err() looks like this : struct iphdr *iph = (struct iphdr*)skb->data; struct ip_esp_hdr *esph = (struct ip_esp_hdr*)(skb->data+(iph->ihl<<2)); struct xfrm_state *x; if (icmp_hdr(skb)->type != ICMP_DEST_UNREACH || icmp_hdr(skb)->code != ICMP_FRAG_NEEDED) return; x = xfrm_state_lookup((xfrm_address_t *)&iph->daddr, esph->spi, IPPROTO_ESP, AF_INET); if (!x) return; NETDEBUG(KERN_DEBUG "pmtu discovery on SA ESP/%08x/%08x\n", ntohl(esph->spi), ntohl(iph->daddr)); xfrm_state_put(x); where could pmtu discovery be happening? --Mika - To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists