[Swan-dev] [Swan-commit] Changes to ref refs/heads/main
Paul Wouters
paul at nohats.ca
Thu Jan 18 19:13:58 EET 2024
On Jan 18, 2024, at 11:09, Andrew Cagney <cagney at vault.libreswan.fi> wrote:
>
> New commits:
> commit 726d9e3aa77feac5c26e13ad497b743b41149387
> Author: Andrew Cagney <cagney at gnu.org>
> Date: Thu Jan 18 08:34:49 2024 -0500
>
> ikev2: drop redundant TRANSPORT vs TUNNEL conflict check
>
> ... in process_v2_IKE_AUTH_response_child_sa_payloads().
> Handled by process_v2_child_response_payloads() called further down.
>
> Note that the old check returned TS_UNACCEPTABLE where as the new
> check returns NO_PROPOSAL_CHOSEN bringing it in line with the
> responder (the RFC is useless here).
The RFC isn’t useless here. If we complied to the RFC, there would never be an error based on it - one MUST accept tunnel mode.
More information about the Swan-dev
mailing list