Re: bin/47894: racoon w/NAT-T - pfkey update: wrong ports

To: Egerváry Gergely <gergely%egervary.hu@localhost>, SUENAGA Hiroki <hsuenaga%iij.ad.jp@localhost>, gnats-bugs%NetBSD.org@localhost, gnats-admin%netbsd.org@localhost, netbsd-bugs%netbsd.org@localhost
Subject: Re: bin/47894: racoon w/NAT-T - pfkey update: wrong ports
From: christos%zoulas.com@localhost (Christos Zoulas)
Date: Fri, 20 Jun 2014 12:00:47 -0400

On Jun 20, 10:42am, gergely%egervary.hu@localhost 
(=?UTF-8?B?RWdlcnbDoXJ5IEdlcmdlbHk=?=) wrote:
-- Subject: Re: bin/47894: racoon w/NAT-T - pfkey update: wrong ports

| > You say:
| >   "kernel doesn't know its side of negotiation. racoon knows it, but
| >   there is no API to send the side information to kernel."
| > 
| > Probably you should look into the Linuxized racoon code (and the Linux
| > IPSec code, if required) how it is handled there.
| 
| This is the source of the Debianized racoon:
| 
| 
ftp://ftp.debian.org/debian/pool/main/i/ipsec-tools/ipsec-tools_0.8.2.orig.tar.gz
| 
ftp://ftp.hu.debian.org/debian/pool/main/i/ipsec-tools/ipsec-tools_0.8.2-2.debian.tar.xz
| 
| It's the same as the NetBSD racoon in ~ 99 percent. The kernel part is
| completely different, but the API should be the same.

I just looked at the patches (the xz file). There doesn't seem to be anything
interesting there. Except the EDNS stuff, which is done incorrectly (it should
be using the new resolver routines).

christos

Follow-Ups:
- Re: bin/47894: racoon w/NAT-T - pfkey update: wrong ports
  - From: SUENAGA Hiroki

References:
- Re: bin/47894: racoon w/NAT-T - pfkey update: wrong ports
  - From: Egerváry Gergely

Prev by Date: Re: lib/46945 (editline(3): el_getc() doesn't document it's setting errno)
Next by Date: Re: bin/47894: racoon w/NAT-T - pfkey update: wrong ports
Previous by Thread: Re: bin/47894: racoon w/NAT-T - pfkey update: wrong ports
Next by Thread: Re: bin/47894: racoon w/NAT-T - pfkey update: wrong ports
Indexes:

Home | Main Index | Thread Index | Old Index