fyi, i've figured out the problem.
it seems that skip uses the M_EOR flag to mark the mbufs that have
already been run through the decryptor. i'm guessing that someone
else is misinterpreting that flag and killing the end of the packet.
my fix is to have skip use the M_PROTO1 flag instead. seems to work
correctly so far.
-----------------------------------------------------------------
bash# diff --recursive work fixed
diff --recursive work/skip/freebsd/skip_es.c fixed/skip/freebsd/skip_es.c
1769c1769
< m->m_flags &= ~ M_EOR;
---
> m->m_flags &= ~ M_PROTO1;
2233c2233
< outbuf->m_flags |= M_EOR | M_PKTHDR;
---
> outbuf->m_flags |= M_PROTO1 | M_PKTHDR;
diff --recursive work/skip/freebsd/skip_if.h fixed/skip/freebsd/skip_if.h
107c107
< #define SKIP_DECRYPTED(m) ((m)->m_flags & M_EOR)
---
> #define SKIP_DECRYPTED(m) ((m)->m_flags & M_PROTO1)
--
Antony Chan and as we wind on down the road
[EMAIL PROTECTED] our shadows taller than our soul
MindSpring Business Services there walks a lady we all know
http://web.mindspring.com who shines white light and wants to show
======================================how everything still turns to gold
