tech-net: Re: Fix for KAME PF_KEY DUMP-truncation marshalling bug

Subject: Re: Fix for KAME PF_KEY DUMP-truncation marshalling bug
To: Jason Thorpe <thorpej@wasabisystems.com>
From: Jonathan Stone <jonathan@dsg.stanford.edu>
List: tech-net
Date: 05/27/2004 11:01:31

In message <A7548138-AF77-11D8-A125-000A957650EC@wasabisystems.com>,
Jason Thorpe  writes:

>This patch looks OK to me.  Are you going to do one for the KAME code, 
>too, or just fast-ipsec? [...]

>I think unicast for DUMP is fine.  It seems so pointless for DUMP to be 
>any other way.

I've been encouraged to commit this (with SADB dump too, of course)
and also to request a 2.0 pullup.  AT that point it will be easy
enough to generate a version for sys/netkey/key.c.

Its also about a two-liner to rework the sysctl() API to use the
chain-of-records, rather than one huge single record; eliminating one
of the dump-chain constructors. I propose to do that post-2.0.