Still figuring this out, but I'm wrong. Libreswan does pay attention to the unencrypted (and unauthenticated) notification.
On Sun, 30 Jun 2019, D. Hugh Redelmeier wrote:
| From: D. Hugh Redelmeier <[email protected]>
| To: Libreswan Development List <[email protected]>
| Date: Sun, 30 Jun 2019 12:10:27 -0400 (EDT)
| Subject: [Swan-dev] CentOS libreswan vs Fedora libreswan
|
| I'm trying to build a tunnel between a Fedora and a CentOS system, both
| running libreswan-3.29-1 packages.
|
| I don't specify any cryptosuites -- I just let them default.
|
| Much to my surprise, the CentOS Responder refuses the Fedora Initiator's
| negotiation:
|
| initiator guessed wrong keying material group (ECP_256); responding with INVALID_KE_PAYLOAD requesting MODP2048
| responding to IKE_SA_INIT (34) message (Message ID 0) from 99.241.4.30:500 with unencrypted notification INVALID_KE_PAYLOAD
|
| This response is fairly useless since the Initiator ought to ignore
| unencrypted notifications. This is surely a limitation of the protocol
| standard.
|
| It also seems pretty dumb to not have defaulted cryptosuites be
| compatible. I'm sure that there are excuses. What are they?
|
| ipsec auto --up prints progress information, but does not report this
| notification, making debugging harder than it should be.
|
| - why would 3.29 default to something 3.29 doesn't accept?
|
| - what is the minimal addition that I can make to the conn to allow
| interop? I don't wish to specify any part of the cryptosuites but I
| certainly don't want to provide a complete and detailed specification.
|
| Editorial comment: This sure seems like the kind of problem to drive
| people away from ipsec. This should be fixed!
| _______________________________________________
| Swan-dev mailing list
| [email protected]
| https://lists.libreswan.org/mailman/listinfo/swan-dev
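The IKE_SA_INIT group-guess exchange behind the quoted log lines, as an added simulation that is not part of this thread or of libreswan's code. It models the initiator building its Key Exchange payload for one guessed group (ECP_256 in the log), the responder answering with INVALID_KE_PAYLOAD naming the group it wants (MODP2048 in the log), and the initiator retrying, the behaviour RFC 7296 specifies and the behaviour the reply above says libreswan does follow. Because that notification is unencrypted and unauthenticated, the initiator only honours a requested group that it proposed itself; a request for any other group is refused. The proposal lists are constructed sample data, not libreswan's real defaults, and all function and type names are this example's own.

```python
"""Simulation of the IKEv2 IKE_SA_INIT DH-group negotiation with
INVALID_KE_PAYLOAD.  Added example, not libreswan code.  Group names
ECP_256 and MODP2048 come from the quoted log; the proposal lists used
below are constructed sample data, not libreswan's actual defaults."""
from dataclasses import dataclass


@dataclass(frozen=True)
class SaInit:
    """Initiator's IKE_SA_INIT: the DH groups it proposes (preference order)
    and the single group its Key Exchange payload was built for."""
    proposed_groups: tuple
    ke_group: str


@dataclass(frozen=True)
class Response:
    kind: str    # "OK", "INVALID_KE_PAYLOAD" or "NO_PROPOSAL_CHOSEN"
    group: str   # negotiated group, or the group the responder asks for


def responder(msg: SaInit, accepted_groups: tuple) -> Response:
    """Responder side: pick its most-preferred group that the initiator also
    proposed.  If the KE payload was built for a different group, reply with
    an (unencrypted) INVALID_KE_PAYLOAD naming the chosen group, exactly the
    situation in the quoted log."""
    chosen = next((g for g in accepted_groups if g in msg.proposed_groups), None)
    if chosen is None:
        return Response("NO_PROPOSAL_CHOSEN", "")
    if chosen != msg.ke_group:
        return Response("INVALID_KE_PAYLOAD", chosen)
    return Response("OK", chosen)


def group_switch_is_acceptable(proposed_groups: tuple, requested: str) -> bool:
    """INVALID_KE_PAYLOAD is not authenticated, so an initiator should only
    act on it when the requested group is one it offered itself; otherwise a
    spoofed notification could steer it to a group it never proposed."""
    return requested in proposed_groups


def negotiate(proposed_groups: tuple, accepted_groups: tuple, max_retries: int = 1):
    """Initiator side: guess the first proposed group and retry once with the
    responder's requested group when that request is acceptable.  Returns
    (negotiated_group, transcript); transcript holds one
    (guessed_group, response_kind, response_group) tuple per round trip."""
    guess = proposed_groups[0]
    transcript = []
    for _ in range(max_retries + 1):
        resp = responder(SaInit(proposed_groups, guess), accepted_groups)
        transcript.append((guess, resp.kind, resp.group))
        if resp.kind == "OK":
            return resp.group, transcript
        if resp.kind != "INVALID_KE_PAYLOAD":
            raise RuntimeError("responder rejected the proposal: " + resp.kind)
        if not group_switch_is_acceptable(proposed_groups, resp.group):
            raise RuntimeError("ignoring request for unproposed group " + resp.group)
        guess = resp.group
    raise RuntimeError("responder kept asking for a different group")


if __name__ == "__main__":
    # Constructed sample: the initiator prefers ECP_256 but also offers MODP
    # groups; the responder accepts only MODP groups, so the first guess fails.
    group, log = negotiate(("ECP_256", "MODP2048", "MODP3072"),
                           ("MODP2048", "MODP3072"))
    for guessed, kind, requested in log:
        print(f"guessed {guessed}: {kind} {requested}".rstrip())
    print("negotiated", group)
```

Run as a script it prints the two round trips from the log (a wrong ECP_256 guess answered with INVALID_KE_PAYLOAD for MODP2048, then success with MODP2048). The extra round trip is the whole cost of a wrong guess when both sides share a group; the check in `group_switch_is_acceptable` is what keeps an unauthenticated notification from moving the negotiation outside the initiator's own proposal.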
