Hello! > > James, are we ok to break user interface? > > For 2.5 development, we should be able to. and > Now is the time to break things and get the API right. I do not think it breaks compatibility, because these fields are ignored. But this is _not_ right at all. Ports in SADB_ACQUIRE are logical nonsense. I hope I understand what is purpose of this: it is to trigger policy resolution rather than SA resoltution, right? It does not look as a good idea neither from viewpoint of compatibility nor from viewpoint of plain logic. Addresses in SADB_ACQUIRE are addresses of envelope (f.e. tunnel addresses), they __cannot__ have any ports by definition. Selector addresses, if passed at all, must by passed as separate attribute, which does not exist in rfc af_key spec. Yoshfuji, could you clarify plans of KAME about SADB_SPDACQUIRE? The last time when I looked at this it was not implemented, but I would expect it is the thing which is expected to resolve policies. Could you consult to them? Alexey - : send the line "unsubscribe linux-net" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
