DragonFly BSD
DragonFly submit List (threaded) for 2004-10
[Date Prev][Date Next]  [Thread Prev][Thread Next]  [Date Index][Thread Index]

Re: updated patch - (was Re: fix for IPSEC-IPV4 breakage)


From: Andrew Atrens <atrens@xxxxxxxxxxxxxxxxxx>
Date: Mon, 18 Oct 2004 18:15:01 -0400

>
Organization: Nortel Networks
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7Bit
Lines: 36
NNTP-Posting-Host: 47.128.22.25
X-Trace: 1098137702 crater_reader.dragonflybsd.org 742 47.128.22.25
Xref: crater_reader.dragonflybsd.org dragonfly.submit:1983

Matthew Dillon wrote:

>     Change the 0's to NULL's for pointer assignments. 

Oops, that's a C++ habit :)

>     I wish there were a 
>     cleaner way, but after staring at it the only correct solution is to
>     either change the decrypt API (and I don't think we want to change the
>     decrypt API)

I think FAST_IPSEC does things differently in this regard than does IPSEC.

>     or to pass a 'minimum first mbuf length' that the demuxer 
>     can assign for things like IPSEC to maintain...

Hmm...

>     or to give up entirely 
>     and have the tcp and udp stacks re-check and re-pullup as necessary.

Since you are doing the kernel assertion check anyway, there would be no
additional runtime penalty for folks NOT using IPSEC. (Unless the you plan
on doing away with the assertion at some point).

>     In anycase, we've chomped on this too much and need to move on, so
>     give it a few days for others to test and if nothing better comes
>     along we will commit it (email me a reminder if it doesn't get done in
>     ~3 days). Or if Jeff wants to just commit it now he can do that too.

Okay, thanks. Though I'm not entirely happy with what I've got, I don't
want to tie up too many of folks free cycles either. :(

Andrew.





[Date Prev][Date Next]  [Thread Prev][Thread Next]  [Date Index][Thread Index]