On Mar 25, 2022, at 23:08, D. Hugh Redelmeier <[email protected]> wrote: > > |BTW, which code do you suspect?
Based on commit message, removal of get_sa_info() for ipcomp > > I think that all the code that I changed was about logging or > reporting in some way. It had no effect on actual flows. Possible it was broken already but even more now ? > > Isn't what you describe is kernel behaviour, not Pluto behaviour? Yes but it means to set traffic count for an SA with an IPCOMP SA, we might need two get_sa_info() calls. > There were no flow counts reported for ipcomp. You may want them but > they weren't there. Yes that is what I suspect. > The code in get_sa_info only dealt with one SA. ESP if present, and > if not, AH, and if not, it went home. IPCOMP was not considered. It should have extended the ipcomp instead of removing it ? > AH+ESP isn't handled It is no longer supported or negotiated by us since prob 10-15 years. > My *guess* is that IPCOMP could be present along with ESP or AH, but > the get_sa_info code doesn't care. Yes I think that is the bug but now you removed code that should have been extended instead ? :) Anyway, not a bug deal. We should file a bug so we won’t forget Paul Typing on iphone _______________________________________________ Swan-dev mailing list [email protected] https://lists.libreswan.org/mailman/listinfo/swan-dev
