Open Source and information security mailing list archives
 
Message-ID: <BB7E16A14DE689469A181EC770AFBF4D02A77527@exch-one.centrify.com>
Date:	Tue, 27 Jan 2009 09:24:19 -0800
From:	"Paul Moore" <paul.moore@...trify.com>
To:	"Patrick McHardy" <kaber@...sh.net>
Cc:	"David Miller" <davem@...emloft.net>, <netdev@...r.kernel.org>
Subject: RE: port bound SAs

>> I believe that's intentional, RFC2367 specifies to ignore port
>> numbers except for larval states.

The IETF IPsec list thinks that's not the case. The consensus there is
that the port owns the SA (and that's what Windows and Solaris actually
do).

-----Original Message-----
From: Patrick McHardy [mailto:kaber@...sh.net] 
Sent: Tuesday, January 27, 2009 9:22 AM
To: Paul Moore
Cc: David Miller; netdev@...r.kernel.org
Subject: Re: port bound SAs

Paul Moore wrote:
> the pfkey / xfrm interface throws them away

I misparsed that statement, I thought you meant both. Yes, you
seem to be right, pfkey ignores them.

> I fixed racoon to send the port numbers and they were ignored

I believe that's intentional, RFC2367 specifies to ignore port
numbers except for larval states.