[Openswan dev] Problems with netkey acquires.
David McCullough
david_mccullough at mcafee.com
Wed Mar 10 19:33:06 EST 2010
Jivin Tuomo Soini lays it down ...
> Tuomo Soini wrote:
> > Tuomo Soini wrote:
> >
> >> Seem like code matching acquire to tunnel configuration is currently broken.
> >
> > Just fyi, commit 00ed7490af2e9adc1a936d38693c872cea1e87ba didn not fix
> > this issue on netkey.
>
> David. Do you have any idea what's problem here.
>
> With 2.6.24 you get acquire states which are shown in ipsec auto
> --status and never cleaned up.
>
> It looks like your change "fixed" this but now these acquire states are
> inserted into xfrm policy directly without matching them to loaded conns.
Geez, I work with klips most the time, I didn't think code would affect
netkey and it obviously does.
So am I right in saying that netkey was broken before, and after the change
it's just broken differently ?
I can see if I can spot something,
Cheers,
Davidm
--
David McCullough, david_mccullough at mcafee.com, Ph:+61 734352815
McAfee - SnapGear http://www.mcafee.com http://www.uCdot.org
More information about the Dev
mailing list