From: Patrick McHardy <kaber@trash.net>
To: Ulrich Weber <uweber@astaro.de>
Cc: vpn-failover@lists.balabit.hu, netdev@oss.sgi.com,
ipsec-tools-devel@lists.sourceforge.net
Subject: Re: [Vpn-failover] [RFC] IPSEC failover - Netlink part
Date: Mon, 08 Nov 2004 17:10:24 +0100 [thread overview]
Message-ID: <418F9A70.7040400@trash.net> (raw)
In-Reply-To: <418F4AF9.7050605@astaro.de>
Ulrich Weber wrote:
> what did you mean with "leaks xfrm_state reference"? The missing
> xfrm_state_put(x) ?
Yes.
> I changed it (see below) to use Krisztian's xfrm_state_replay_update
> function.
Even better.
> |> static const int xfrm_msg_min[(XFRM_MSG_MAX + 1 - XFRM_MSG_BASE)] = {
> |> NLMSG_LENGTH(sizeof(struct xfrm_usersa_info)), /* NEW SA */
> |> NLMSG_LENGTH(sizeof(struct xfrm_usersa_id)), /* DEL SA */
> |> @@ -867,6 +897,7 @@
> |> NLMSG_LENGTH(sizeof(struct xfrm_user_polexpire)), /* POLEXPIRE */
> |> NLMSG_LENGTH(sizeof(struct xfrm_usersa_flush)), /* FLUSH SA */
> |> NLMSG_LENGTH(0), /* FLUSH POLICY */
> |> + NLMSG_LENGTH(sizeof(struct xfrm_usersa_id)),/* UPD SEQ */
> |>
> |>
> | ^^ what about struct xfrm_replay_state ?
> it's attached as rt attribute, so it should be ok.
But you don't check it's size. You need to include it here or check it
when you use it.
Regards
Patrick
next prev parent reply other threads:[~2004-11-08 16:10 UTC|newest]
Thread overview: 11+ messages / expand[flat|nested] mbox.gz Atom feed top
2004-10-29 10:23 [RFC] IPSEC failover and replay detection sequence numbers KOVACS Krisztian
2004-10-29 12:58 ` jamal
2004-10-29 13:24 ` KOVACS Krisztian
2004-10-29 15:01 ` jamal
2004-10-29 16:15 ` KOVACS Krisztian
2004-11-07 17:42 ` Michael Richardson
2004-11-04 14:01 ` [Vpn-failover] [RFC] IPSEC failover - Netlink part Ulrich Weber
2004-11-04 18:15 ` Patrick McHardy
2004-11-08 10:31 ` Ulrich Weber
2004-11-08 16:10 ` Patrick McHardy [this message]
2004-11-09 8:55 ` Ulrich Weber
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=418F9A70.7040400@trash.net \
--to=kaber@trash.net \
--cc=ipsec-tools-devel@lists.sourceforge.net \
--cc=netdev@oss.sgi.com \
--cc=uweber@astaro.de \
--cc=vpn-failover@lists.balabit.hu \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).