Hi all,

When trying to spddelete individual entries using setkey, spddelete always fails. The culprit is in net/af_key.c; spdadd sets the family field of the selector when creating an entry, but spddelete doesn't when building a selector to match for xfrm_policy_bysel. Trivial fix is to have spddelete set the family field in the selector in the same way spdadd does.

--- af_key.c.orig 2004-05-23 11:16:44.241140504 -0700 +++ af_key.c 2004-05-24 13:08:42.000000000 -0700 @@ -1976,7 +1976,7 @@ static int pfkey_spddelete(struct sock * memset(&sel, 0, sizeof(sel)); sa = ext_hdrs[SADB_EXT_ADDRESS_SRC-1], - pfkey_sadb_addr2xfrm_addr(sa, &sel.saddr); + sel.family = pfkey_sadb_addr2xfrm_addr(sa, &sel.saddr); sel.prefixlen_s = sa->sadb_address_prefixlen; sel.proto = pfkey_proto_to_xfrm(sa->sadb_address_proto); sel.sport = ((struct sockaddr_in *)(sa+1))->sin_port;

-- Steven King | this space sxking at qwest dot net | for rent
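
Review bot: the added `sel.family = pfkey_sadb_addr2xfrm_addr(sa, &sel.saddr);` stores the helper's return value without checking it, and the context line that follows still reads the port through a `struct sockaddr_in *` cast whatever family came back. Since the selector is built from a userspace PF_KEY message, I would reject the request with an error when the returned family is not one the function handles, before the selector reaches xfrm_policy_bysel, rather than letting an unexpected family value take part in the match. The changelog says spdadd sets the field "in same way", so it is worth confirming that the same check (or its absence) is consistent between the two paths. Two smaller points: the `sa = ext_hdrs[SADB_EXT_ADDRESS_SRC-1],` context line ends in a comma, so the assignment you add becomes the right-hand operand of a comma expression; it works, but a semicolon there would make the new line read as its own statement. The `---`/`+++` headers also name a bare `af_key.c`, so the patch will not apply with `-p1` from the top of the tree; please regenerate it from the tree root.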