[strongSwan-dev] Error "peer selected invalid traffic selectors"
martin at strongswan.org
Thu Mar 7 10:02:55 CET 2013
> [...] which I tracked down to the tsi of the Cisco peer not returning a
> port number in its reply.
> Using the patch below, I was able to accommodate this omission. Does
> this seem like a reasonable change, perhaps behind a configuration
Thanks for the patch, looks reasonable. I don't think a configuration
option is necessary, as long as we install the more restrictive
Instead of just checking the port, I think we can handle this in a more
generic way by selecting the subset of the proposed and the returned
selector. This should work in any case, in is actually even simpler.
Please try the attached patch, if that works, I can push it to master.
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 1743 bytes
Desc: not available
More information about the Dev