On Jan 18, 2024, at 11:09, Andrew Cagney <[email protected]> wrote: > > New commits: > commit 726d9e3aa77feac5c26e13ad497b743b41149387 > Author: Andrew Cagney <[email protected]> > Date: Thu Jan 18 08:34:49 2024 -0500 > > ikev2: drop redundant TRANSPORT vs TUNNEL conflict check > > ... in process_v2_IKE_AUTH_response_child_sa_payloads(). > Handled by process_v2_child_response_payloads() called further down. > > Note that the old check returned TS_UNACCEPTABLE where as the new > check returns NO_PROPOSAL_CHOSEN bringing it in line with the > responder (the RFC is useless here).
The RFC isn’t useless here. If we complied to the RFC, there would never be an error based on it - one MUST accept tunnel mode. _______________________________________________ Swan-dev mailing list [email protected] https://lists.libreswan.org/mailman/listinfo/swan-dev
