[strongSwan] Test for Unrecognized payload types and critical bit is set fails
Tobias Brunner
tobias at strongswan.org
Tue Oct 21 16:31:19 CEST 2014
Hi Kumuda,
Thanks for the complete logs.
>> Test is to verify that IKEv2 sends a CREATE_CHILD_SA response with a
>> Notify payload of type
>> UNSUPPORTED_CRITICAL_PAYLOAD for the CREATE_CHILD_SA request with invalid
>> payload type value (1) and critical bit is set.
That's a side-effect of integrating IKEv1 support into the IKEv2 daemon
charon with 5.0. While payload type 1 is not valid for IKEv2 it denotes
an SA payload in IKEv1. The payload parser currently ignores the IKE
version and simply parses known payloads (in any IKE version).
I pushed two commits to the _payloads-version_ branch [1] that try to
address this.
Regards,
Tobias
[1]
http://git.strongswan.org/?p=strongswan.git;a=shortlog;h=refs/heads/payloads-version
More information about the Users
mailing list