On Mon, 15 Jun 2015, Herbert Xu wrote:
On Mon, Jun 15, 2015 at 09:17:41AM -0400, Paul Wouters wrote:
I've confirmed interoperability, although I did notice a buglet that
the first fragment does not have its first payload's Next Payload
reset to 0. Subsequent fragments do. We'll fix that for rc3.
IIRC the first payload's NP is supposed to be the real payload
type of the first entry in the encrypted part. RFC7383 section
2.5:
o Next Payload (1 octet) - in the very first fragment (with Fragment
Number equal to 1), this field MUST be set to the payload type of
the first inner payload (the same as for the Encrypted payload).
In the rest of the Fragment messages (with Fragment Number greater
than 1), this field MUST be set to zero.
Duh!
Thanks for the heads up the bug is only in my head :)
Paul
_______________________________________________
Swan-dev mailing list
Swan-dev@lists.libreswan.org
https://lists.libreswan.org/mailman/listinfo/swan-dev
