NetBSD-Bugs archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: kern/44843: IPSEC in kernel make IPPROTO_ESP and IPPROTO_AH unusable



The following reply was made to PR kern/44843; it has been noted by GNATS.

From: Paul Koning <paul_koning%dell.com@localhost>
To: <gnats-bugs%NetBSD.org@localhost>
Cc: <kern-bug-people%netbsd.org@localhost>,
 <gnats-admin%netbsd.org@localhost>,
 <netbsd-bugs%netbsd.org@localhost>
Subject: Re: kern/44843: IPSEC in kernel make IPPROTO_ESP and IPPROTO_AH 
unusable
Date: Fri, 8 Apr 2011 11:32:39 -0400

 IPSec uses those two protocols; if you tell NetBSD to implement them in =
 the kernel, why would you expect to be able to access them from =
 userland?
 
        paul
 
 On Apr 8, 2011, at 11:25 AM, <msporleder%gmail.com@localhost> wrote:
 
 >> Number:         44843
 >> Category:       kern
 >> Synopsis:       IPSEC in kernel make IPPROTO_ESP and IPPROTO_AH =
 unusable
 >> Confidential:   no
 >> Severity:       serious
 >> Priority:       medium
 >> Responsible:    kern-bug-people
 >> State:          open
 >> Class:          sw-bug
 >> Submitter-Id:   net
 >> Arrival-Date:   Fri Apr 08 15:25:00 +0000 2011
 >> Originator:     matthew sporleder
 >> Release:        5.1
 >> Organization:
 > mspo.com
 >> Environment:
 > NetBSD vc136-15.vc.panix.com 5.1 NetBSD 5.1 (PANIX-VC) #0: Thu Mar 10 =
 01:49:14 EST 2011  =
 
root%juggler.panix.com@localhost:/misc/obj/misc/devel/netbsd/5.1/src/sys/arch/amd64/=
 compile/PANIX-VC amd64
 >=20
 >> Description:
 > I have IPSEC in my kernel and am unable to open sockets IPPROTO_ESP or =
 IPPROTO_AH.
 >=20
 > This does not seem to happen if the kernel does not have ipsec so I =
 think it's a bug.
 >> How-To-Repeat:
 >=20
 >=20
 > #include <stdio.h>
 > #include <sys/socket.h>
 > #include <netinet/in.h>
 > #include <errno.h>
 > #include <string.h>
 >=20
 > int main(int argc, char *argv[])
 > {
 > int sock;
 > sock =3D socket(PF_INET, SOCK_RAW, IPPROTO_ESP);
 > if ( sock < 0 )
 > {
 >   perror("sock problem");
 > }
 >=20
 > }
 >=20
 >=20
 > sock problem: Protocol not supported
 >> Fix:
 >=20
 


Home | Main Index | Thread Index | Old Index