[Swan-dev] heads up; each ikev2 exchange is in a separate file
Andrew Cagney
andrew.cagney at gmail.com
Wed Jun 2 19:31:52 UTC 2021
As I'm sure you've noticed, I've moved around the ikev2 deck chairs:
IKE_SA_INIT exchange is on port, IKE_INTERMEDIATE to fore, IKE_AUTH is
aft, and CREATE_CHILD_SA is starboard, and INFORMATIONAL is hiding in
the hold (either that, or it fell overboard). Or something like that
...
Why?
A known problem with the code is how individual exchanges use multiple
helper requests when requiring crypto (KE, DH, CERT). With each
exchange (somewhat) isolated, it becomes easier to identify and fix
individual exchanges separately.
More information about the Swan-dev
mailing list