[Openswan dev] Problems with netkey acquires.

Tuomo Soini tis at foobar.fi
Wed Mar 10 15:12:13 EST 2010

Tuomo Soini wrote:
> Tuomo Soini wrote:
>> Seem like code matching acquire to tunnel configuration is currently broken.
> Just fyi, commit 00ed7490af2e9adc1a936d38693c872cea1e87ba didn not fix
> this issue on netkey.

David. Do you have any idea what's problem here.

With 2.6.24 you get acquire states which are shown in ipsec auto
--status and never cleaned up.

It looks like your change "fixed" this but now these acquire states are
inserted into xfrm policy directly without matching them to loaded conns.

Tuomo Soini <tis at foobar.fi>
Foobar Linux services
+358 40 5240030
Foobar Oy <http://foobar.fi/>

More information about the Dev mailing list