New commits: commit 648051a96ea8f2c506741e575c5054337b34cd52 Author: Andrew Cagney <cag...@gnu.org> Date: Mon May 7 16:12:12 2018 -0400
packets: work around delete_state() scribbling a delete message all over an IKEv2 AUTH reply During an IKEv2 AUTH reply, any old IKE SA will be replaced (switching interfaces? fragmentation related?) and that can lead to the old IKE SA scribbling its delete message all over the unsent AUTH reply the the global reply_buffer[]. What next for the workaround? - move the save/restore to where the problematic delete is being called this patch does it across every delete - suppress sending a delete when replacing and old IKE SA no reason for sending the delete message, but it didn't seem to work using .st_ikev2_no_del though? - schedule the cleanup for after the current event has finished - eliminate the nasty evil global reply_buffer[] _______________________________________________ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit