lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Wed, 5 Dec 2007 18:16:07 +1100 From: Herbert Xu <herbert@...dor.apana.org.au> To: David Miller <davem@...emloft.net> Cc: simon@...e.lp0.eu, linux-kernel@...r.kernel.org, netdev@...r.kernel.org Subject: Re: sockets affected by IPsec always block (2.6.23) On Tue, Dec 04, 2007 at 11:12:00PM -0800, David Miller wrote: > From: Herbert Xu <herbert@...dor.apana.org.au> > Date: Wed, 5 Dec 2007 17:51:32 +1100 > > > Does anybody actually need the 0 setting? What would we break if > > the default became 1? > > I bet there are UDP apps out there that would break if we > didn't do this. Right. This is definitely bad for protocols without a retransmission mechanism. However, is the 0 setting ever useful for TCP and in particular, TCP's connect(2) call? Perhaps we can just make that one always drop. Well, until someone implements queueing to fix all of this properly that is :) Cheers, -- Visit Openswan at http://www.openswan.org/ Email: Herbert Xu ~{PmV>HI~} <herbert@...dor.apana.org.au> Home Page: http://gondor.apana.org.au/~herbert/ PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists