[strongSwan-dev] Error "peer selected invalid traffic selectors"
Paul Stewart
pstew at chromium.org
Sun Mar 10 02:45:17 CET 2013
I'll give it a shot at latest Monday. Thanks!
--
Paul
On Thu, Mar 7, 2013 at 1:02 AM, Martin Willi <martin at strongswan.org> wrote:
> Hi Paul,
>
> > [...] which I tracked down to the tsi of the Cisco peer not returning a
> > port number in its reply.
>
> I see.
>
> > Using the patch below, I was able to accommodate this omission. Does
> > this seem like a reasonable change, perhaps behind a configuration
> > flag?
>
> Thanks for the patch, looks reasonable. I don't think a configuration
> option is necessary, as long as we install the more restrictive
> selector.
>
> Instead of just checking the port, I think we can handle this in a more
> generic way by selecting the subset of the proposed and the returned
> selector. This should work in any case, in is actually even simpler.
> Please try the attached patch, if that works, I can push it to master.
>
> Best regards
> Martin
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/dev/attachments/20130309/a13ec106/attachment.html>
More information about the Dev
mailing list