ipsec and freebsd 5.3-beta
Niki Denev
nike_d at cytexbg.com
Mon Sep 27 05:33:26 PDT 2004
Hannes Mehnert writes:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Hi,
>
> On Mon, Sep 27, 2004 at 08:22:40AM +0200, cell wrote:
>> I have always the same problem.I'm on freebsd 5.3-beta 5 and i have put the
>> patch for key.c who is in cvweb but i have that :
>> .. ENOBUFS ...
>
> Currently only netipsec/key.c is fixed (which is the FAST_IPSEC
> implementation), so if you use FAST_IPSEC it should work, with IPSEC it
> shouldn't.
>
>
> Best Regards,
>
> Hannes Mehnert
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.2.5 (FreeBSD)
>
> iD8DBQFBV+9JRcuNlziBjRwRAl1QAJ9bQ7zSaI5IN8IGl7BmEsRE3AM5FACffOwB
> 3E1YOvTQaPf19QjG8cRx4w8=
> =5rFG
The netkey/key.c and netipsec/key.c files are very similar,
probably because as far as i remember FAST_IPSEC started as fork from
the KAME ipsec implementation.(or at least uses some of the code)
I think that the same fix will work both for IPSEC and FAST_IPSEC.
e can try to find the key_parse() routine in netkey/key.c
and comment the following code :
if (m->m_next) { /*XXX*/
m_freem(m);
return ENOBUFS;
}
starting at line 6976.
P.S. No guarantees on that, try it at your own risk :) :)
--niki
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-current/attachments/20040927/443cbf38/attachment.bin
More information about the freebsd-current
mailing list