[strongSwan] Test for Unrecognized payload types and critical bit is set fails
tobias at strongswan.org
Tue Oct 21 16:31:19 CEST 2014
Thanks for the complete logs.
>> Test is to verify that IKEv2 sends a CREATE_CHILD_SA response with a
>> Notify payload of type
>> UNSUPPORTED_CRITICAL_PAYLOAD for the CREATE_CHILD_SA request with invalid
>> payload type value (1) and critical bit is set.
That's a side-effect of integrating IKEv1 support into the IKEv2 daemon
charon with 5.0. While payload type 1 is not valid for IKEv2 it denotes
an SA payload in IKEv1. The payload parser currently ignores the IKE
version and simply parses known payloads (in any IKE version).
I pushed two commits to the _payloads-version_ branch  that try to
More information about the Users