Pantek Library

linux-ipsec: problems, part 3

From: Henry Spencer <henry(at)zoo.utoronto.ca>
Date: Wed Mar 04 1998 - 21:36:30 EST


A few more notes from Raleigh... same caveats as the earlier ones.

We were taken somewhat by surprise by leading zeros in a command argument causing octal conversion, although this probably qualifies as a defect in the documentation rather than in the code.

The modern fashion in manual key setup is very much to use separate keys for ESP authentication and encryption. Our code's slice-and-dice approach, dividing up a single chunk of key bits, is not fundamentally *wrong*, but the lack of docs on just how the slicing is done makes it very difficult to figure out how to configure the thing to match somebody else's (i.e., some other implementor's) two-key setup.

"bad auth" (from the kernel) is an excessively terse error message, and badly needs more detail, like who the offending packet came from and just what was wrong (e.g., was it an unknown algorithm or an actual authentication failure?).

"no tdb for spi=___" wins the Cryptic Message Of The Day prize.

A quick look at the kernel code (while attempting to puzzle out the slice-and-dice rules) finds a whole lot of hardcoded magic numbers, many of which probably ought to be #defined constants.

There needs to be documentation of the system-call interface, including the precise breakdown of the bit fields. This is obviously going to change when we shake up the kernel interface... but unless we do that quite soon, the current situation needs to be documented at least sketchily.

                                                           Henry Spencer
                                                       henry@zoo.toronto.edu
Received on Wed Mar 4 22:12:14 1998
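
The leading-zero surprise mentioned in the message, as an added example that is not part of the original post or the project's code. It assumes the argument is parsed with C's `strtoul` in base 0 (the post does not say how the tool parses it); `parse_lenient` and `parse_strict` are hypothetical names.

```c
#include <ctype.h>
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>

/* Lenient parse (assumed behaviour): base 0 lets the prefix pick the radix,
 * so a leading zero silently selects octal. */
unsigned long parse_lenient(const char *s)
{
    return strtoul(s, NULL, 0);
}

/* Strict parse (hypothetical helper): decimal or 0x-prefixed hex only.
 * Returns 0 on success; -1 on empty input, a sign or whitespace, a leading
 * zero that would be read as octal, trailing junk, or overflow. */
int parse_strict(const char *s, unsigned long *out)
{
    char *end;
    int base = 10;

    if (s == NULL || !isdigit((unsigned char)s[0]))
        return -1;
    if (s[0] == '0' && (s[1] == 'x' || s[1] == 'X')) {
        if (!isxdigit((unsigned char)s[2]))
            return -1;                  /* bare "0x" */
        base = 16;
    } else if (s[0] == '0' && s[1] != '\0') {
        return -1;                      /* "010": ambiguous, refuse it */
    }
    errno = 0;
    *out = strtoul(s, &end, base);
    if (errno == ERANGE || *end != '\0')
        return -1;
    return 0;
}

int main(void)
{
    /* Constructed sample arguments, not values from the post. */
    const char *args[] = { "256", "0x100", "010", "089", "12abc" };
    for (size_t i = 0; i < sizeof args / sizeof args[0]; i++) {
        unsigned long v = 0;
        int rc = parse_strict(args[i], &v);
        printf("%-6s lenient=%lu strict=%s\n", args[i],
               parse_lenient(args[i]), rc == 0 ? "ok" : "rejected");
    }
    return 0;
}
```

Note that the lenient parse of `089` stops at the `8` and yields 0 with no error, which is harder to spot than the `010` case.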

This archive was generated by hypermail 2.1.8 : Wed Aug 23 2006 - 12:59:28 EDT
