Hi Dave: This patch fixes a number of problems with xfrm_state_replace: 1. Only update update lifetime and encap options if the state is valid. 2. Disallow updates to states that do not exist. 3. Bail if afinfo cannot be found. This brings SADB_UPDATE in line with what is required by RFC2367. It is also needed by SFS NAT-T support as it needs to update valid states when the encap ports move. Cheers, -- Debian GNU/Linux 3.0 is out! ( http://www.debian.org/ ) Email: Herbert Xu ~{PmV>HI~} <herbert@gondor.apana.org.au> Home Page: http://gondor.apana.org.au/~herbert/ PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt - : send the line "unsubscribe linux-net" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
