[strongSwan-dev] Error "peer selected invalid traffic selectors"

Paul Stewart pstew at chromium.org
Sun Mar 10 02:45:17 CET 2013

I'll give it a shot at latest Monday.  Thanks!


On Thu, Mar 7, 2013 at 1:02 AM, Martin Willi <martin at strongswan.org> wrote:

> Hi Paul,
> > [...] which I tracked down to the tsi of the Cisco peer not returning a
> > port number in its reply.
> I see.
> > Using the patch below, I was able to accommodate this omission.  Does
> > this seem like a reasonable change, perhaps behind a configuration
> > flag?
> Thanks for the patch, looks reasonable. I don't think a configuration
> option is necessary, as long as we install the more restrictive
> selector.
> Instead of just checking the port, I think we can handle this in a more
> generic way by selecting the subset of the proposed and the returned
> selector. This should work in any case, in is actually even simpler.
> Please try the attached patch, if that works, I can push it to master.
> Best regards
> Martin
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/dev/attachments/20130309/a13ec106/attachment.html>

More information about the Dev mailing list