[strongSwan-dev] Charon vendor ID patches

Martin Willi martin at strongswan.org
Fri Jan 17 12:10:23 CET 2014


Hi C.J.,

> I've been digging through our charon servers' logs this week and have
> seen a number of messages regarding unknown vendor IDs.  It would be
> easier for our network engineering team to troubleshoot if we received
> more descriptive log entries in the future.

Thanks for your patches.

I think we should slightly refactor IKEv2 vendor ID payload processing,
similar to what we do in IKEv1. That makes adding/handling new vendor
IDs much easier.

I've pushed a few changes to [1], refactoring vendor ID processing in
the first commit. The three last commits add your new vendor IDs.

Have you seen that FRAGMENTATION vendor ID for IKEv2 in the wild? We
recently have implemented that for IKEv1, would be interesting to know
how this exactly works in IKEv2...

Let me know if these changes work for you; I'll then merge it to master.

Best Regards
Martin

[1]http://git.strongswan.org/?p=strongswan.git;a=shortlog;h=refs/heads/vendor-ids






More information about the Dev mailing list