[Swan-commit] Changes to ref refs/heads/master
Andrew Cagney
cagney at vault.libreswan.fi
Wed Jun 26 14:32:31 UTC 2019
New commits:
commit 06d93cdcbf437213999dd9fa8e78e0a64c3fda28
Author: Andrew Cagney <cagney at gnu.org>
Date: Tue Jun 25 17:10:57 2019 -0400
ikev2: flatten code logging no-microcode errors
Use a series of if() vis:
if (case) {
log
possibly respond
complete transition
return
}
For each case be more selective about the error fed to complete
transition code and what response if any:
- only respond with INVALID_SYNTAX when an unprotected IKE_SA_INIT
request
- when a protected message is invalid, STF_FATAL the IKE SA (and
possibly send back INVALID_SYNTAX) - this is going no where, for
instance on the initiator, discarding the message and then
re-transmitting is just going to get back the same invalid response.
More information about the Swan-commit
mailing list