[Swan] meaning of error code -> ENCAPSULATION_MODE_UDP_TUNNEL_DRAFTS
Paul Wouters
paul at nohats.ca
Tue Jan 9 16:38:42 UTC 2018
On Tue, 9 Jan 2018, Amir Naftali wrote:
> During key renegotiation I see the following messages in the logs
>
> Jan 9 09:10:20 hostname pluto[7888]: "connection/6x6" #35475: the peer proposed: 192.168.48.0/20:0/0 -> 100.16.2.200/32:0/0
>
> Jan 9 09:10:20 hostname pluto[7888]: "connection/4x5" #35476: ENCAPSULATION_MODE_UDP_TUNNEL_DRAFTS must only be used with old IETF drafts
>
> Jan 9 09:10:20 hostname pluto[7888]: "connection/4x5" #35476: sending encrypted notification BAD_PROPOSAL_SYNTAX to X.X.X.X:4500

that seems to point to this commit:

commit cae5af428a5182ed0f9d08e9979134703f1ce1b1
Author: Paul Wouters <paul at xelerance.com>
Date: Wed Jun 16 16:26:30 2010 -0400

    The encapsulation mode enum_names were broken, causing the rather
    strange message from spdb_v1_struct.c:

    ENCAPSULATION_MODE_UDP_TUNNEL must only be used with old IETF drafts

    (where we would expect ENCAPSULATION_MODE_UDP_TUNNEL_DRAFTS instead)

    Since nothing else used these enums, this was not seen before.

That seems to suggest that's a 10 year old openswan and not libreswan?
I surely cannot find anything that could produce that string in our
code. Can you verify it is a reasonably modern libreswan?

Paul