Hi Christophe,
On Wed, May 27, 2020 at 07:11:21PM +0200, Christophe Gouault wrote:
> This patch is useful, however I think you should change the name of
> the option and amend its description:
> the option does not disable anti-replay in output (it can only be
> disabled in input), it allows the o
Hi Petr,
This patch is useful, however I think you should change the name of
the option and amend its description:
the option does not disable anti-replay in output (it can only be
disabled in input), it allows the output sequence number to wrap, and
it assumes that the remote peer disabled anti-r
RFC 4303 in section 3.3.3 suggests to disable anti-replay for manually
distributed ICVs.
This patch introduces new extra_flag XFRM_SA_XFLAG_NO_ANTI_REPLAY which
disables anti-replay for outbound packets if set. The flag is used only
in legacy and bmp code, because esn should not be negotiated if
a
3 matches
Mail list logo
