As I'm sure you've noticed, I've moved around the ikev2 deck chairs: IKE_SA_INIT exchange is on port, IKE_INTERMEDIATE to fore, IKE_AUTH is aft, and CREATE_CHILD_SA is starboard, and INFORMATIONAL is hiding in the hold (either that, or it fell overboard). Or something like that ...
Why? A known problem with the code is how individual exchanges use multiple helper requests when requiring crypto (KE, DH, CERT). With each exchange (somewhat) isolated, it becomes easier to identify and fix individual exchanges separately. _______________________________________________ Swan-dev mailing list [email protected] https://lists.libreswan.org/mailman/listinfo/swan-dev
