On Mon, 3 Jun 2019 at 20:50, D. Hugh Redelmeier <[email protected]> wrote: > > | commit 1078374fd4fba79bb0ba5e9aa1751b2f021a1be8 > | Author: Andrew Cagney <[email protected]> > | Date: Mon Jun 3 10:04:03 2019 -0400 > | > | ikev2: use struct child_sa in ikev2_rekey_child_copy_ts(); failure > isn't a real option > | > | Only call when rekeying. Replace MD parameter with CHILD. Return > | bool. Use (new) child_sa_by_serialno() to find the old CHILD. > | pexpect(old CHILD) since there not being one is a screw up > | (resolves ???). > > The ??? resolved was on code where we generated a broken notify: > > - /* ??? RFC 7296 3.10: this notify requires protocol and SPI! */ > > Does that mean that we can re-install the pexpects in the notify emitting > code that ensured protocol and SPI were present in exactly those > notifications that require it?
I have my doubts - the code is still littered with STF_FAIL+v2N+... returns. > The pexpect was introduced in b858f9398aa5e9552b345ecea11f970774e7a8b6 > and replaced in 1897df99170a99f1d4ddef4d47689cb67488d4b4 > _______________________________________________ > Swan-dev mailing list > [email protected] > https://lists.libreswan.org/mailman/listinfo/swan-dev _______________________________________________ Swan-dev mailing list [email protected] https://lists.libreswan.org/mailman/listinfo/swan-dev
