Re: [IPSEC] Use xfrm_rcv for xfrm tunnel packets

On Fri, Aug 01, 2003 at 07:52:24PM +1000, herbert wrote:
> On Fri, Aug 01, 2003 at 07:33:38AM +1000, herbert wrote:
> > 
> > That would be good.  The problem right now is that only daddr is used
> > as a key in xfrm_state_lookup.  If we use both saddr/daddr then we can
> > even set spi to zero if we use the saddr in the spi_hash too.
> 
> In fact this is a serious bug.  Because we don't take saddr into account,
> we will end up rejecting valid SPIs from remote peers should two different
> peers choose the same SPI.

Scratch that.  I misunderstood the way the SPI is determined.  It's the
destination host that determines the SPI and not the source.

However, this makes me think that we should extend the SPI in the case
of XFRM tunnels to include the entire source address.  This is the best
way to model it so that we do not deviate from the paradigm that each
SA corresponds to a (daddr, spi, proto) triple.
-- 
Debian GNU/Linux 3.0 is out! ( http://www.debian.org/ )
Email:  Herbert Xu 许志壬 <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
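
The lookup discussed in the message above, as an added example that is not part of the original post and is not kernel code: a toy SA table keyed by the (daddr, spi, proto) triple, looked up once with the plain SPI and once with an SPI extended by the source address for tunnels. The struct, the function names, the 64-bit key layout, the sample addresses and the use of SPI 0 for IPIP tunnel SAs are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#define PROTO_IPIP 4            /* IP-in-IP: no SPI field on the wire */
#define PROTO_ESP  50
#define LOCAL  0xC0000201u      /* 192.0.2.1, constructed */
#define PEER_A 0xC633640Au      /* 198.51.100.10, constructed */
#define PEER_B 0xC6336414u      /* 198.51.100.20, constructed */

/* Toy SA entry keyed by the (daddr, spi, proto) triple; not the kernel's struct. */
struct sa { uint32_t daddr; uint64_t spi; uint8_t proto; int id; };

/* Plain key: the SPI alone, which is 0 for every IPIP tunnel (assumption). */
static uint64_t plain_spi(uint8_t proto, uint32_t saddr, uint32_t spi)
{
    (void)proto; (void)saddr;
    return spi;
}

/* Extended key: for tunnels, fold the entire source address into the SPI. */
static uint64_t extended_spi(uint8_t proto, uint32_t saddr, uint32_t spi)
{
    return proto == PROTO_IPIP ? ((uint64_t)saddr << 32) | spi : spi;
}

/* Lookup on the triple only; returns the SA id, or -1 if nothing matches. */
static int sa_lookup(const struct sa *t, size_t n, uint32_t daddr, uint64_t spi, uint8_t proto)
{
    for (size_t i = 0; i < n; i++)
        if (t[i].daddr == daddr && t[i].spi == spi && t[i].proto == proto)
            return t[i].id;
    return -1;
}

/* Install one ESP SA and two tunnel SAs, then look up a tunnel packet from src. */
static int tunnel_lookup(uint64_t (*key)(uint8_t, uint32_t, uint32_t), uint32_t src)
{
    struct sa table[] = {
        { LOCAL, key(PROTO_ESP,  PEER_A, 0x1001), PROTO_ESP,  1 },
        { LOCAL, key(PROTO_IPIP, PEER_A, 0),      PROTO_IPIP, 2 },
        { LOCAL, key(PROTO_IPIP, PEER_B, 0),      PROTO_IPIP, 3 },
    };
    return sa_lookup(table, 3, LOCAL, key(PROTO_IPIP, src, 0), PROTO_IPIP);
}

int main(void)
{
    printf("plain: B -> SA %d, extended: B -> SA %d\n", tunnel_lookup(plain_spi, PEER_B), tunnel_lookup(extended_spi, PEER_B));
    return 0;
}
```

With the plain key a tunnel packet from peer B resolves to peer A's SA, because both tunnel entries share the same triple; with the extended key each peer resolves to its own SA and an unknown source matches nothing.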