[Swan-commit] Changes to ref refs/heads/master
Andrew Cagney
cagney at vault.libreswan.fi
Tue Jun 9 12:39:13 UTC 2020
New commits:
commit 156bc32b6222f063c9f6166a90490ed4b4df1bd9
Author: Andrew Cagney <cagney at gnu.org>
Date: Mon Jun 8 18:42:44 2020 -0400
ikev2: add STF_V2_DELETE_EXCHANGE_INITIATOR_IKE_SA, to trigger deleting the IKE_SA
When an IKE_AUTH response authenticates but contains an unacceptable
child an additional delete notification is required. Returning this
will trigger a delete IKE SA notification.
(technically, and in theory, since the IKE SA is established it can
hang around and just the child needs to be deleted (allowing further
CHILD SAs to establish) - later)
The current implemention fiddles the Message IDs so that
delete_state() can do a record'n'send. It should really trigger a
delete transition.
While not visible in the whack output (why not?); the code then
typically triggers a revive-cons.
More information about the Swan-commit
mailing list