Re: [Ipsec-tools-devel] [PATCH 1/2]: allow racoon to use security contexts

SourceForge Headquarters 1320 Columbia Street Suite 310 San Diego, CA 92101 +1 (858) 422-6466

OK, I will give this a try. I will send a patch as soon as I can.
If I run into a few questions, I will send you some email.

Regards,
Joy 

On Tue, 2006-11-28 at 06:54 +0100, Emmanuel Dreyfus wrote:
> Joy Latten <la...@au...> wrote:
> 
> > I was wondering if anyone had gotten a chance to take a look at this patch
> > and if there were any review comments. I'd be happy to help in any way
> > that I can. I can also re-submit the patch. :-)
> 
> Well, I wanted to make a little improvement but found no time for that.
> Indeed you can help.
> 
> You added even more arguments to pfkey_send_update() and friends. That
> has a minor cost, which is a plain loss to systems not using security
> contexts.
> 
> A better way would be to change the fonction prototype so that they get
> a struct, and have the security context part of the struct being ifdef
> HAVE_SECCTX. Similarily, other parts of the struct shoulf be ifdef for
> NAT-T, IKE Frag and so on, but I bet we can keep that for later, as it
> makes the change really bigger. 
> 