[strongSwan] invalid CPI length in IPCOMP proposal?
Tobias Brunner
tobias at strongswan.org
Tue Nov 4 18:36:48 CET 2014
Hi Igor,
> invalid CPI length in IPCOMP proposal
We currently assert that the length is two bytes. But it seems we are a
bit too restrictive. While the 16-bit CPI values SHOULD be sent in two
bytes according to RFC 3173, a responder MUST be able to accept them as
four byte values.
Please try the patch in the ipcomp-spi-len branch [1].
Regards,
Tobias
[1] http://git.strongswan.org/?p=strongswan.git;a=commitdiff;h=2ecf21e01
More information about the Users
mailing list