On Sat, 25 Sep 2004, Sam Leffler wrote: > > > That's a 216 byte packet, fwiw. I instrumented key.c and ran into the > > > following ENOBUFS case on key.c:6957: > > > > > > /* align the mbuf chain so that extensions are in contiguous > > > region. */ error = key_align(m, &mh); > > > if (error) > > > return error; > > > > > > if (m->m_next) { /*XXX*/ > > > m_freem(m); > > > return ENOBUFS; > > > } > > > > > > I.e., the author knew it was a bug (feature) that an additional mbuf > > > couldn't be handled here, but we do need to handle one. Looks like much > > > of the surrounding code could be replaced with a call to m_defrag() > > > and/or m_pullup(). > > > > Just to mention that i too experience this problem, > > but with FAST_IPSEC so this probably means that if any fix will be made for > > netkey/key.c then netipsec/key.c will need it too.(as far as i can tell) > > Please correct me if i'm wrong. > > Correct. I gave Robert a fix that was sent to me for fast ipsec. I was going > to commit it this weekend after some testing. could you perhaps post it or place it somewhere for download ? -- Bjoern A. Zeeb bzeeb at Zabbadoz dot NeTReceived on Sat Sep 25 2004 - 21:55:10 UTC
This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:38:13 UTC