Re: Merging Non-Back-Compatible setkey(8)

From: B ($B?_at_L@C#:H(B)
Date: 05/29/03

  • Next message: Wes Peters: "Re: Cascading qmail servers" 
    Date: Thu, 29 May 2003 13:38:49 +0900
To: "Crist J. Clark" <cjc@freebsd.org>

    >>>>> On Wed, 28 May 2003 14:48:22 -0700,
    >>>>> "Crist J. Clark" <crist.clark@attbi.com> said:

    > I sent a PR into the KAME guys a few weeks back about an issue with
    > setkey(8). The issue is that setkey(8) refers to the NULL encryption
    > algorithm by the rather misleading name, 'simple.' I'd hoped they'd
    > patch it in a back-compatible way, so that 'simple' still would work,
    > but they've just swapped 'simple' for 'null' in the code.

    We (KAME) provided backward compatibility, though the fix warned when
    the old name is specified. Our latest code works as follows:

    # /usr/local/v6/sbin/setkey -c << E_O_F
    heredoc> add 10.0.0.1 10.0.0.2 esp 123457 -E simple;
    heredoc> E_O_F
    line 1: WARNING: encryption algorithm is obsoleted. at [simple]

    # /usr/local/v6/sbin/setkey -D | head -10
    10.0.0.1 10.0.0.2
            esp mode=any spi=123457(0x0001e241) reqid=0(0x00000000)
            E: null
            seq=0x00000000 replay=0 flags=0x00000040 state=mature
            created: May 29 13:37:27 2003 current: May 29 13:37:52 2003
            diff: 25(s) hard: 0(s) soft: 0(s)
            last: hard: 0(s) soft: 0(s)
            current: 0(bytes) hard: 0(bytes) soft: 0(bytes)
            allocated: 0 hard: 0 soft: 0
            sadb_seq=8 pid=14308 refcnt=1

                                            JINMEI, Tatuya
                                            Communication Platform Lab.
                                            Corporate R&D Center, Toshiba Corp.
                                            jinmei@isl.rdc.toshiba.co.jp
    _______________________________________________
    freebsd-net@freebsd.org mailing list
    http://lists.freebsd.org/mailman/listinfo/freebsd-net
    To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org"

  • Next message: Wes Peters: "Re: Cascading qmail servers"

    Relevant Pages

    • Re: [PATCH] OpenBSD Networking-related randomization port
      ... licensing issues need to be resolved before a patch can go in. ... - Changes the TCP ISN generation algorithm. ... the only change is whether the IDs used are simply incrementing ...
      (Linux-Kernel)
    • Re: [PATCH] /proc/net/tcp, overhead removed
      ... The patch is against Linus git tree. ... Old algorithm. ... New algorithms is O(numsockets + hashsize). ... hash bucket in tcp_seq_start, ...
      (Linux-Kernel)
    • [PATCH] multipath routing algorithm, better patch
      ... The last patch wont work, ... This patch assigns the multipath routing algorithm into the fib_info ... This patch was tested against kernel 2.6.12.1 for all multipath routing ... +#elif CONFIG_IP_ROUTE_MULTIPATH_RANDOM ...
      (Linux-Kernel)
    • Re: New failure detection algorithm for ng_one2many(4).
      ... > Patch below adds new failure detection algorithm for ng_one2many. ... sended from other hosts to host, holding failed element, wouldn't lost. ...
      (freebsd-net)
    • Re: [announce] CFS-devel, performance improvements
      ... This needs a little perspective, as I couldn't clone the repository, all I had was this announcement, so using the patch descriptions now as defense is unfair by you. ... The most brilliant mathematician in the world would have nothing to contribute to the Linux scheduler if he couldn't describe, code, and comment his algorithm in detail so that others could grok at least the basic outline and be able to give useful commentary and suggestions. ... I did however get the impression that Ingo got something significantly useful out of your code despite the problems, but I still haven't had time to read through his and Peter's patches in detail to understand exactly what it was. ...
      (Linux-Kernel)