[Swan-dev] pluto: Always delete outbound SA with inbound SA
Herbert Xu
herbert at gondor.apana.org.au
Tue Apr 21 03:58:32 EEST 2015
On Mon, Apr 20, 2015 at 09:45:01AM -0400, Paul Wouters wrote:
>
> It's on my todo list. I am puzzled by your "Ever since
> the outbound SA before the inbound SA", and wanted to track that
> change down first to get more context. I'm thinking the most likely
> candidate of this is the removal of the loopback code that did
> horrible things like only install part of an SA to itself.
It was added by
commit f77d044ab9506498d71b266e4495717f677da4d6
Author: Michael Richardson <mcr at xelerance.com>
Date: Wed Feb 22 12:49:49 2006 -0500
this include much refactoring of kernel_pfkey.c code into mast vs klips
functions. The kernel.c add_sa code now looks at the ref/refhim arguments
to the kernel_sa, making sure to install outgoing SA before incoming SA
so that we can refer to outgoing SA as the refhim.
kernel_mast.c now locates a useful mastXXX device, creating only one
if we need it
Cheers,
--
Email: Herbert Xu <herbert at gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
More information about the Swan-dev
mailing list