On Sat, 9 May 2015, Herbert Xu wrote:
On Fri, May 08, 2015 at 04:47:28PM -0400, Paul Wouters wrote:
It was actually using the same condition. At the start of the function
it calls set_nat_traversal() with the md, which checks for
nat_traversal_enabled and md->quirks.qnat_traversal_vid != VID_none
before setting st->hidden_variables.st_nat_traversal, so it is the
same condition, but it is not very obvious. As your patch makes that
more obvious, I applied it.
Well I was getting a completely reproducible crash on the passert
that went away with this patch. The other side was running openswan.
which side did not support NAT-T? I assume netkey was used with
libreswan. Was the kernel >= 2.6.22 ? I'll do a test with openswan
with nat_traversal=no (libreswan no longer supports 'no' and only
disables nat-t when the kernel does not support it)
Paul
_______________________________________________
Swan-dev mailing list
Swan-dev@lists.libreswan.org
https://lists.libreswan.org/mailman/listinfo/swan-dev
