Re: IPsec: stack problems

To: tech-net%netbsd.org@localhost
Subject: Re: IPsec: stack problems
From: Joerg Sonnenberger <joerg%bec.de@localhost>
Date: Thu, 1 Mar 2018 15:07:20 +0100

On Thu, Mar 01, 2018 at 10:25:54AM +0100, Maxime Villard wrote:
> In fact, the crypto code was written with the assumption that when
> crypto_dispatch returns, there is no further crypto processing.
> 
> If the packet is repushed, this assumption does not hold anymore, and I'm not
> sure whether it wouldn't break things.
> 
> But otherwise yes, it would be nice to repush the packet.

I don't understand that. The lower layers already expect the decrypted
data, so crypto processing has to be done at this point anyway?

Joerg

Follow-Ups:
- Re: IPsec: stack problems
  - From: Maxime Villard

References:
- IPsec: stack problems
  - From: Maxime Villard
- Re: IPsec: stack problems
  - From: Joerg Sonnenberger
- Re: IPsec: stack problems
  - From: Maxime Villard

Prev by Date: Re: IPsec: stack problems
Next by Date: Re: IPsec: stack problems
Previous by Thread: Re: IPsec: stack problems
Next by Thread: Re: IPsec: stack problems
Indexes:

Home | Main Index | Thread Index | Old Index