[strongSwan] non-zero reserved fields in IKE_AUTH response.

Martin Willi martin at strongswan.org
Wed Jun 30 11:19:34 CEST 2010


> but it's not, IDx' is actually IDType | RESERVED | IDData.

I see.

> Fixing this properly would probably need quite some changes

Yes, it indeed would. I don't know if this is really worth the effort
for this hypothetical test case. Especially as it is currently a MUST to
have them set to zero:

> RESERVED - MUST be sent as zero;

A future extension of the IKEv2 protocol might change the behavior and
set one of these bits. But unless this happens, I'd prefer to just leave
it as it is..


More information about the Users mailing list