Re: Merging Non-Back-Compatible setkey(8)

From: Crist J. Clark (crist.clark_at_attbi.com)
Date: 05/29/03

Next message: Erwane Breton: "Collision on NIC"

Previous message: Brad du Plessis: "Re: USB Modem support"
In reply to: B: "Re: Merging Non-Back-Compatible setkey(8)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Thu, 29 May 2003 06:29:55 -0700
To: "JINMEI Tatuya / ?$B?@L@C#:H" <jinmei@isl.rdc.toshiba.co.jp>

On Thu, May 29, 2003 at 01:38:49PM +0900, JINMEI Tatuya / ?$B?@L@C#:H wrote:
> >>>>> On Wed, 28 May 2003 14:48:22 -0700,
> >>>>> "Crist J. Clark" <crist.clark@attbi.com> said:
>
> > I sent a PR into the KAME guys a few weeks back about an issue with
> > setkey(8). The issue is that setkey(8) refers to the NULL encryption
> > algorithm by the rather misleading name, 'simple.' I'd hoped they'd
> > patch it in a back-compatible way, so that 'simple' still would work,
> > but they've just swapped 'simple' for 'null' in the code.
>
> We (KAME) provided backward compatibility, though the fix warned when
> the old name is specified. Our latest code works as follows:
>
> # /usr/local/v6/sbin/setkey -c << E_O_F
> heredoc> add 10.0.0.1 10.0.0.2 esp 123457 -E simple;
> heredoc> E_O_F
> line 1: WARNING: encryption algorithm is obsoleted. at [simple]
>
> # /usr/local/v6/sbin/setkey -D | head -10
> 10.0.0.1 10.0.0.2
> esp mode=any spi=123457(0x0001e241) reqid=0(0x00000000)
> E: null
> seq=0x00000000 replay=0 flags=0x00000040 state=mature
> created: May 29 13:37:27 2003 current: May 29 13:37:52 2003
> diff: 25(s) hard: 0(s) soft: 0(s)
> last: hard: 0(s) soft: 0(s)
> current: 0(bytes) hard: 0(bytes) soft: 0(bytes)
> allocated: 0 hard: 0 soft: 0
> sadb_seq=8 pid=14308 refcnt=1

Sorry, I hadn't noticed that the changes were made with a number of
separate commits when I reviewed them. Thanks for the good work.

-- 
Crist J. Clark                     |     cjclark@alum.mit.edu
                                   |     cjclark@jhu.edu
http://people.freebsd.org/~cjc/    |     cjc@freebsd.org
_______________________________________________
freebsd-net@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org"

Next message: Erwane Breton: "Collision on NIC"

Previous message: Brad du Plessis: "Re: USB Modem support"
In reply to: B: "Re: Merging Non-Back-Compatible setkey(8)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages

Re: [PATCH 4/4] Swap migration V3: sys_migrate_pages interface
... or it's user's responsibility to updates his mempolicy before ... calling sys_migrage_pages? ... To unsubscribe from this list: send the line "unsubscribe linux-kernel" in ...
(Linux-Kernel)
Re: [PATCH] counting bounce buffer in vmstat
... > I'll fix it up. ... Oh, I misunderstood that. ... To unsubscribe from this list: send the line "unsubscribe linux-kernel" in ...
(Linux-Kernel)