[Swan-dev] testing/pluto/ikev2-algo-sha2-05 succeeded in an odd way
paul at nohats.ca
Sun Feb 12 20:08:51 UTC 2017
We are sending an unencrypted error reply that should be encrypted (but unauthenticated)
It is a bug on our end on handling IKE_AUTH failures nicely.
Sent from my iPhone
> On Feb 12, 2017, at 14:28, D. Hugh Redelmeier <hugh at mimosa.com> wrote:
> [I have not investigated this.]
> In my recent test run, testing/pluto/ikev2-algo-sha2-05 passed, but with
> an EXPECTATION. When I look at west.pluto.txt, I find this:
> | processing payload: ISAKMP_NEXT_v2N (len=8)
> | selected state microcode roof
> | no useful state microcode entry found
> packet from 220.127.116.11:500: missing payload(s) (ISAKMP_NEXT_v2SK). Message dropped.
> | #0 complete v2 state transition from STATE_UNDEFINED with v2N_INVALID_SYNTAX
> packet from 18.104.22.168:500: EXPECTATION FAILED: st != NULL && st->st_event != NULL && st->st_event->ev_type == EVENT_v2_RETRANSMIT (in complete_v2_state_transition at /source/programs/pluto/ikev2.c:2115)
> | state transition function for STATE_UNDEFINED failed: v2N_INVALID_SYNTAX
> | pluto_sd: executing action action: reloading(4), status 0
> What's up with this? Why are we getting a packet that cannot be handled?
> Swan-dev mailing list
> Swan-dev at lists.libreswan.org
More information about the Swan-dev