[strongSwan-dev] Error "peer selected invalid traffic selectors"
Paul Stewart
pstew at chromium.org
Sun Mar 10 03:29:24 CET 2013
Got to it sooner than I thought I would. It works fine. Thanks, this
looks a lot cleaner! BTW, on a somewhat unrelated note, I just sent an
update to bug http://wiki.strongswan.org/issues/289 with another fix I
made. Is it better to send these to the mailing list rather than comment
on bugs? I can open a new thread in that case.
--
Paul
On Sat, Mar 9, 2013 at 5:45 PM, Paul Stewart <pstew at chromium.org> wrote:
> I'll give it a shot at latest Monday. Thanks!
>
> --
> Paul
>
>
> On Thu, Mar 7, 2013 at 1:02 AM, Martin Willi <martin at strongswan.org>wrote:
>
>> Hi Paul,
>>
>> > [...] which I tracked down to the tsi of the Cisco peer not returning a
>> > port number in its reply.
>>
>> I see.
>>
>> > Using the patch below, I was able to accommodate this omission. Does
>> > this seem like a reasonable change, perhaps behind a configuration
>> > flag?
>>
>> Thanks for the patch, looks reasonable. I don't think a configuration
>> option is necessary, as long as we install the more restrictive
>> selector.
>>
>> Instead of just checking the port, I think we can handle this in a more
>> generic way by selecting the subset of the proposed and the returned
>> selector. This should work in any case, in is actually even simpler.
>> Please try the attached patch, if that works, I can push it to master.
>>
>> Best regards
>> Martin
>>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/dev/attachments/20130309/31abcd13/attachment.html>
More information about the Dev
mailing list