| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 18 Jul 2007 21:39:33 +0300
From: Mika Penttilä <mika.penttila@...umbus.fi>
To: Patrick McHardy <kaber@...sh.net>
CC: Beschorner Daniel <Daniel.Beschorner@...ton.com>,
netdev@...r.kernel.org
Subject: Re: pmtu discovery on SA
Patrick McHardy wrote:
> Mika Penttilä wrote:
>
>> Patrick McHardy wrote:
>>
>>
>>> Its a debugging message nowadays (NETDEBUG). I was mostly interested
>>> in this since I changed the IPsec MTU calculation in 2.6.22 and it
>>> might have been a bug.
>>>
>>>
>>>
>> And we don't have pmtu discovery for esp yet, right?
>>
>
>
> We do. The best I have seen to date in any IPsec implementation :)
> -
> To unsubscribe from this list: send the line "unsubscribe netdev" in
> the body of a message to majordomo@...r.kernel.org
> More majordomo info at http://vger.kernel.org/majordomo-info.html
>
>
Hmm. esp4_err() looks like this :
struct iphdr *iph = (struct iphdr*)skb->data;
struct ip_esp_hdr *esph = (struct ip_esp_hdr*)(skb->data+(iph->ihl<<2));
struct xfrm_state *x;
if (icmp_hdr(skb)->type != ICMP_DEST_UNREACH ||
icmp_hdr(skb)->code != ICMP_FRAG_NEEDED)
return;
x = xfrm_state_lookup((xfrm_address_t *)&iph->daddr, esph->spi,
IPPROTO_ESP, AF_INET);
if (!x)
return;
NETDEBUG(KERN_DEBUG "pmtu discovery on SA ESP/%08x/%08x\n",
ntohl(esph->spi), ntohl(iph->daddr));
xfrm_state_put(x);
where could pmtu discovery be happening?
--Mika
-
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists