[strongSwan-dev] question on using libcharon
Noam Lampert
lampert at google.com
Wed Mar 19 13:06:11 CET 2014
I have code that uses libcharon directly. It basically adds an ike_cfg,
peer_cfg, and then calls charon->start().
When peering two instances of this code with each other, I have a race
where one instance believes that it has a valid outgoing child_sa, and the
other does not yet recognize this SPI.
I believe the reason for this race is that both sides have initiator=false,
and are installing the child-sa from build_r() - whereas the intention was
that one side would have initiator=true and install the SA only in
process_r().
Does all this make sense?
Do you see this as a bug?
Is there a suggested workaround?
Thanks,
Noam
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/dev/attachments/20140319/63b46eb8/attachment.html>
More information about the Dev
mailing list