Hi Martin, I tested the fix and it works. Thank you for the patch. I concur with your explanation above. I think this fix can go into the main branch.
Thanx, sach On Mon, Jul 14, 2014 at 2:12 AM, Martin Willi <[email protected]> wrote: > Hi, > > > In process_r, you check if the informational message is a DELETE > > message. Is this necessary? I am concerned that if this message is not > > a delete, but another informational message that the FW sends for > > whatever reason, we return SUCCESS, which would delete this task and > > could lead to the same problem. > > This is the original behavior we had, and I'd like to avoid changing > that if there is no specific reason to do so. > > Unfortunately IKEv1 is not that well standardized that we can predict > the peer behavior. It is actually possible that it indicates Quick mode > failure with such an INFORMATIONAL (where returning SUCCESS is the > correct behavior). It will most likely include a notify payload then, > but not sure if we can rely on that. > > The only non-delete INFORMATIONALs that I can think of at this stage are > DPD checks. These are caught in the task manager and never hit the task, > so should be no problem. > > Regards > Martin > >
_______________________________________________ Dev mailing list [email protected] https://lists.strongswan.org/mailman/listinfo/dev
