svn commit: r312342 - projects/ipsec/sys/netipsec
Andrey V. Elsukov
bu7cher at yandex.ru
Tue Jan 17 12:58:16 UTC 2017
On 17.01.2017 15:43, Andrey V. Elsukov wrote:
> Author: ae
> Date: Tue Jan 17 12:43:55 2017
> New Revision: 312342
> URL: https://svnweb.freebsd.org/changeset/base/312342
>
> Log:
> RFC2367 doesn't allow update anything but state and lifetimes for SAs in
> MATURE state.
>
> Do not require presence of SADB_EXT_KEY_ENCRYPT and SADB_EXT_KEY_AUTH
> in the general checks for SADB_UPDATE message. They only required for
> MATURE SAs. For LARVAL SAs on the contrary these headers are not allowed.
This should be:
> They only required for LARVAL SAs. For MATURE SAs on the contrary
these headers are not allowed.
--
WBR, Andrey V. Elsukov
More information about the svn-src-projects
mailing list