[strongSwan] incorrect notification data for critical invalid payload type

Tobias Brunner tobias at strongswan.org
Fri Sep 28 22:34:07 CEST 2012

Hi Gowri,

> Here, this payload is of 9 bytes as payload length also mentions
> correctly. But, my doubt is on notification data which is 2D.
> It is always 2D even if I set notification data on sending node (say 01).

This value has nothing to do with the notification data, but with the
payload type of the unsupported payload.  In your case it should be 01,
as can be seen here:

> Sep 28 07:08:16 16[ENC] parsing (1) payload, 178 bytes left

When starting to parse the unknown payload the type is just printed as
number.  So you are right the value (2D) is incorrect.  The attached
patch and [1] should fix this issue for 4.6.4 and 5.0.x, respectively.
The problem was that the UNSUPPORTED_CRITICAL_PAYLOAD notify would
always contain the payload type of the last payload in the message (in
your case TSr) instead of the actually unsupported critical payload.


[1] http://git.strongswan.org/?p=strongswan.git;a=commitdiff;h=48651d8d

-------------- next part --------------
A non-text attachment was scrubbed...
Name: fix-unsupported-payload-notify-4.6.4.patch
Type: text/x-patch
Size: 426 bytes
Desc: not available
URL: <http://lists.strongswan.org/pipermail/users/attachments/20120928/e7991dc9/attachment.bin>

More information about the Users mailing list