Re: kern/56836: IPv6 ESN tunneling IPcomp has corrupt header

To: kern-bug-people%netbsd.org@localhost,gnats-admin%netbsd.org@localhost,netbsd-bugs%netbsd.org@localhost,andrew.cagney%gmail.com@localhost
Subject: Re: kern/56836: IPv6 ESN tunneling IPcomp has corrupt header
From: Andrew Cagney <andrew.cagney%gmail.com@localhost>
Date: Tue, 24 May 2022 18:50:01 +0000 (UTC)

The following reply was made to PR kern/56836; it has been noted by GNATS.

From: Andrew Cagney <andrew.cagney%gmail.com@localhost>
To: kern-bug-people%netbsd.org@localhost, gnats-admin%netbsd.org@localhost, netbsd-bugs%netbsd.org@localhost, 
	gnats-bugs%netbsd.org@localhost
Cc: 
Subject: Re: kern/56836: IPv6 ESN tunneling IPcomp has corrupt header
Date: Tue, 24 May 2022 14:49:14 -0400

 One more thing worth noting.  I'm pretty sure that without this
 change, racoon can't interop with itself:
 
 racoon/pfkey.c hard-wires SADB_X_EXT_RAWCPI which means:
 
 - outgoing packets do have a correct IPcomp header (i.e., containing
 the CPI), but
 - incoming packets with that correct CPI never match the SA because
 the SA was hashed using the compression algorithm

Prev by Date: Re: kern/56836: IPv6 ESN tunneling IPcomp has corrupt header
Next by Date: NetBSD Nightly Trouble Ticket Report
Previous by Thread: Re: kern/56836: IPv6 ESN tunneling IPcomp has corrupt header
Next by Thread: bin/56835: sshd startup script produces very misleading "UNSAFE KEYS" warnings
Indexes:

Home | Main Index | Thread Index | Old Index