From owner-freebsd-net@FreeBSD.ORG Tue Sep 28 01:39:40 2004 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id E1A0116A4CE; Tue, 28 Sep 2004 01:39:40 +0000 (GMT) Received: from outbound0.sv.meer.net (outbound0.sv.meer.net [205.217.152.13]) by mx1.FreeBSD.org (Postfix) with ESMTP id C5C2843D2F; Tue, 28 Sep 2004 01:39:38 +0000 (GMT) (envelope-from gnn@neville-neil.com) Received: from mail.meer.net (mail.meer.net [209.157.152.14]) i8S1dJr4029817; Mon, 27 Sep 2004 18:39:20 -0700 (PDT) (envelope-from gnn@neville-neil.com) Received: from minion.local.neville-neil.com (pc1.oakwoodazabu1-unet.ocn.ne.jp [220.110.140.201]) by mail.meer.net (8.12.10/8.12.2/meer) with ESMTP id i8S1dDqF074028; Mon, 27 Sep 2004 18:39:17 -0700 (PDT) (envelope-from gnn@neville-neil.com) Date: Tue, 28 Sep 2004 10:39:09 +0900 Message-ID: From: "George V. Neville-Neil" To: snap-users@kame.net User-Agent: Wanderlust/2.10.1 (Watching The Wheels) SEMI/1.14.5 (Awara-Onsen) FLIM/1.14.5 (Demachiyanagi) APEL/10.5 Emacs/21.2 (powerpc-apple-darwin) MULE/5.0 (SAKAKI) MIME-Version: 1.0 (generated by SEMI 1.14.5 - "Awara-Onsen") Content-Type: text/plain; charset=US-ASCII cc: freebsd-net@freebsd.org cc: rwatson@freebsd.org Subject: Patch for fragment problem in key.c X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 28 Sep 2004 01:39:41 -0000 Hi Folks, Robert Watson tried to send email about this but it never got through, and then Sam Leffler got ahold of me and told me he fixed something similar in the FAST_IPSEC code. So, the following patch fixes, in KAME IPSec. This patch was generated against 6.0-CURRENT and I included Sam's commit message. Later, George Correct handling of SADB_UPDATE and SADB_ADD requests. key_align may split the mbuf due to use of m_pulldown. Discarding the result because of this does not make sense as no subsequent code depends on the entire msg being linearized (only the individual pieces). It's likely something else is wrong here but for now this appears to get things back to a working state. Index: sys/netkey/key.c =================================================================== RCS file: /Volumes/exported/FreeBSD-CVS/src/sys/netkey/key.c,v retrieving revision 1.67 diff -u -r1.67 key.c --- sys/netkey/key.c 2 Sep 2004 20:14:03 -0000 1.67 +++ sys/netkey/key.c 27 Sep 2004 16:08:31 -0000 @@ -6952,11 +6952,6 @@ if (error) return error; - if (m->m_next) { /*XXX*/ - m_freem(m); - return ENOBUFS; - } - msg = mh.msg; /* check SA type */