We are sending an unencrypted error reply that should be encrypted (but unauthenticated)
It is a bug on our end on handling IKE_AUTH failures nicely. Paul Sent from my iPhone > On Feb 12, 2017, at 14:28, D. Hugh Redelmeier <[email protected]> wrote: > > [I have not investigated this.] > > In my recent test run, testing/pluto/ikev2-algo-sha2-05 passed, but with > an EXPECTATION. When I look at west.pluto.txt, I find this: > > > | processing payload: ISAKMP_NEXT_v2N (len=8) > | selected state microcode roof > | no useful state microcode entry found > packet from 192.1.2.23:500: missing payload(s) (ISAKMP_NEXT_v2SK). Message > dropped. > | #0 complete v2 state transition from STATE_UNDEFINED with v2N_INVALID_SYNTAX > packet from 192.1.2.23:500: EXPECTATION FAILED: st != NULL && st->st_event != > NULL && st->st_event->ev_type == EVENT_v2_RETRANSMIT (in > complete_v2_state_transition at /source/programs/pluto/ikev2.c:2115) > | state transition function for STATE_UNDEFINED failed: v2N_INVALID_SYNTAX > | pluto_sd: executing action action: reloading(4), status 0 > > > What's up with this? Why are we getting a packet that cannot be handled? > _______________________________________________ > Swan-dev mailing list > [email protected] > https://lists.libreswan.org/mailman/listinfo/swan-dev _______________________________________________ Swan-dev mailing list [email protected] https://lists.libreswan.org/mailman/listinfo/swan-dev
