[Swan-dev] Ipcomp and get_sa_info()
Paul Wouters
paul at nohats.ca
Sat Mar 26 00:18:20 EET 2022
On Mar 25, 2022, at 23:08, D. Hugh Redelmeier <hugh at mimosa.com> wrote:
>
> |BTW, which code do you suspect?
Based on commit message, removal of get_sa_info() for ipcomp
>
> I think that all the code that I changed was about logging or
> reporting in some way. It had no effect on actual flows.
Possible it was broken already but even more now ?
>
> Isn't what you describe is kernel behaviour, not Pluto behaviour?
Yes but it means to set traffic count for an SA with an IPCOMP SA, we might need two get_sa_info() calls.
> There were no flow counts reported for ipcomp. You may want them but
> they weren't there.
Yes that is what I suspect.
> The code in get_sa_info only dealt with one SA. ESP if present, and
> if not, AH, and if not, it went home. IPCOMP was not considered.
It should have extended the ipcomp instead of removing it ?
> AH+ESP isn't handled
It is no longer supported or negotiated by us since prob 10-15 years.
> My *guess* is that IPCOMP could be present along with ESP or AH, but
> the get_sa_info code doesn't care.
Yes I think that is the bug but now you removed code that should have been extended instead ? :)
Anyway, not a bug deal. We should file a bug so we won’t forget
Paul
Typing on iphone
More information about the Swan-dev
mailing list