On Sat, 22 Sep 2018, D. Hugh Redelmeier wrote:
<mcp> since libreswan 3.26 + 83e33a69b27f6c5d5f4aff2fc94a1357d5126ed1 I get these syslog messages very often: http://paste.debian.net/hidden/a99f6aa9/ - that's annoying ;)
this is reproduced in test case ikev1-responder-retransmit-01-Q2
No. STATE_MAIN* and STATE_QUICK* are IKEv1 Did you not delete the retained packets in these states? This is my vague recollection. Also that I questioned whether this would cause problems.
I thought that was only related to XAUTH states, which live sort of between Main/Aggr and Quickmode, for which retransmiting a "last" packet was tricky because it of the initiator role change mid-exchange? It seems to be we are simply mismatching state machine entry. We should have one for the established IKE SA and recognise it is established and therefor a retransmit. Paul _______________________________________________ Swan-dev mailing list [email protected] https://lists.libreswan.org/mailman/listinfo/swan-dev
