Date: Tue, 17 Jan 2017 15:57:15 +0300 From: "Andrey V. Elsukov" <bu7cher@yandex.ru> To: src-committers@freebsd.org, svn-src-projects@freebsd.org Subject: Re: svn commit: r312342 - projects/ipsec/sys/netipsec Message-ID: <10fa0a2f-2e78-e5c0-a657-28265c5e31c3@yandex.ru> In-Reply-To: <201701171243.v0HChtBl040909@repo.freebsd.org> References: <201701171243.v0HChtBl040909@repo.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On 17.01.2017 15:43, Andrey V. Elsukov wrote: > Author: ae > Date: Tue Jan 17 12:43:55 2017 > New Revision: 312342 > URL: https://svnweb.freebsd.org/changeset/base/312342 > > Log: > RFC2367 doesn't allow update anything but state and lifetimes for SAs in > MATURE state. > > Do not require presence of SADB_EXT_KEY_ENCRYPT and SADB_EXT_KEY_AUTH > in the general checks for SADB_UPDATE message. They only required for > MATURE SAs. For LARVAL SAs on the contrary these headers are not allowed. This should be: > They only required for LARVAL SAs. For MATURE SAs on the contrary these headers are not allowed. -- WBR, Andrey V. Elsukov
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?10fa0a2f-2e78-e5c0-a657-28265c5e31c3>