Hi Thomas,
> --- a/src/libcharon/encoding/payloads/sa_payload.c
> +++ b/src/libcharon/encoding/payloads/sa_payload.c
> @@ -122,12 +122,6 @@ METHOD(payload_t, verify, status_t,
> break;
> }
> }
> - else if (current_number < expected_number)
> - {
> - DBG1(DBG_ENC, "proposal number smaller than previous");
> - status = FAILED;
> - break;
> - }
Even when removing the dead code, this proposal numbering check does not
make a lot of sense. I've change the code [1] to reject the payload only
when it has decreasing numbers; everything else should be ok.
Thanks!
Martin
[1]http://git.strongswan.org/?p=strongswan.git;a=commitdiff;h=b2e493ab
_______________________________________________
Dev mailing list
[email protected]
https://lists.strongswan.org/mailman/listinfo/dev
